Errors importing to STIG Benchmarks #1412
Replies: 4 comments
-
|
I encountered this yesterday as well. The STIG checklists that were released yesterday contain multiple rules with duplicate CCI values. The duplicate CCIs cause STIG manager to fail and produce the above error message. In your case, CCI-000795 is the duplicate CCI number (but that isn't the only duplicate in the Windows 11 STIG). I can see no reason why duplicating a CCI number for a rule would be valid, so I would lean towards this being an error in the newly released checklists. The new STIGs are also dated November 15th, 2024 (instead of October), so kind of looks like the quality control team had a bad day. One workaround is to manually edit the STIG XML and remove the duplicate CCIs. I'm going to hold out (at least for now) for a fix from DISA and/or the STIG Manager team. |
Beta Was this translation helpful? Give feedback.
-
|
@hotcobra @jb0000001 Ugh, yep, looks like DISA has found a new way to surprise us with their handling of STIG content! And good catch on the date, their QC is definitely lacking! We can look into handling these... anomalies in the STIG data on our side, but the proper solution would probably be for DISA to republish a corrected version. In the meantime, if you are comfortable using it, I've created a python script that will take a file and create a new .xml file with the duplicate ident CCI fields removed. I'll also attach a de-duplicated version of the Win11 STIG. U_MS_Windows_11_STIG_V2R2_Manual-xccdf-dup-ccis-removed.xml.txt |
Beta Was this translation helpful? Give feedback.
-
|
Opened and merged PR #1414 to address this on our side. Available now in the Docker Hub images tagged |
Beta Was this translation helpful? Give feedback.
-
|
@hotcobra @jb0000001 FYI, Release 1.4.17 incorporates a change to handle the duplicate CCIs in that STIG. |
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
-
Running API 1.4.15 with MySql and NUWCDIVNPT Auth via Docker-compose.
Able to add Adobe STIG to Benchmarks but can't import Windows 11 STIGs.
Error is below
U_MS_Windows_11_V2R2_Manual_STIG/U_MS_Windows_11_STIG_V2R2_Manual-xccdf.xml
{
"error": "Duplicate entry '2132-000795' for key 'rev_group_rule_cci_map.index2'",
"stack": "Error: Duplicate entry '2132-000795' for key 'rev_group_rule_cci_map.index2'\n at PromisePoolConnection.query (/home/node/node_modules/mysql2/promise.js:94:22)\n at transaction (/home/node/service/STIGService.js:498:40)\n at process.processTicksAndRejections (node:internal/process/task_queues:95:5)\n at async retryFunction (/home/node/service/utils.js:486:14)\n at async module.exports.retryOnDeadlock (/home/node/service/utils.js:496:10)\n at async exports.insertManualBenchmark (/home/node/service/STIGService.js:571:12)\n at async importManualBenchmark (/home/node/controllers/STIG.js:26:22)"
}
Done
Beta Was this translation helpful? Give feedback.
All reactions