# $!/$ bin $/$ bash #Evaluate $-$ STIG on Linux using Bash function usage $()\{$cat $<<$EOF $--$ ScanType $<$ "Unclassified" $|"$ Classified $">$Use to instruct Evaluate $-$ STIG the classification of the asset. Valid ScanTypes are "Unclassified" and "Classified". If not specified, default will be "Unclassified". $--$ Marking Use to optionally set Marking in CKL and on header $/$ footer of files generated by Evaluate $-$ STIG. Example use is "CUI" $/"$ Confidential $"/"$ Secret $"/"$ Top Secret" but accepts any marking string. $--$ VulnTimeout Maximum time in minutes to allow a singular Vuln ID check to run. $--$ AnswerKey Use to instruct Evaluate $-$ STIG which Answer Key to use for determining if a comment from an answer file should be applied. Answer Keys are per Vuln ID and user $-$ defined within the answer file. If not specified, default Answer Key will be "DEFAULT". Refer to documentation for more information. $--$ AFPath Path to Answer Files. If not specified, defaults to $\backslash$ $PsScriptRoot $\backslash \backslash$ AnswerFiles $.--$ Output $<$ "Console" $|"$ CKL $"|"$ CKLB $"|"$ CombinedCKL $"|"$ CombinedCKLB $"|"$ STIGManager $"|"$ Summary $">$Specify output type $($ s $).$Use comma separation for multiple. If not specified, output will be returned to console. $--$ OutputPath Sets the directory path for Evaluate $-$ STIG to save its results. May be a local or UNC path. If not specified, default path will be C: $\backslash \backslash$ Users $\backslash \backslash$ Public $\backslash \backslash$ Public Documents or $\backslash \backslash$ opt $\backslash \backslash .--$ PreviousToKeep Number of previous scan results to retain. Default is $0.$Requires $-$ Output. $--$ AllowDeprecated Enable scanning of STIGs that are no longer available on cyber.mil $($ deprecated $).$By default, deprecated STIGs will not be scanned. $--$ AllowSeverityOverride Enables the use of the Severity Override and Justification fields in checklists. $--$ SelectSTIG Specify which STIG $($ s $)$to scan. For multiple STIGs, separate with commas. Cannot be specified with $--$ ExcludeSTIG. $--$ ExcludeSTIG Specify which STIG $($ s $)$to exclude from the scan. For multiple STIGs, separate with commas. Cannot be specified with $--$ SelectSTIG. $--$ ForceSTIG Ignore detection of STIG applicability and forcefully run a scan of selected STIG $($ s $).$For multiple STIGs, separate with commas. $*$ WARNING $*$Evaluate $-$ STIG results are not guaranteed with this option. Use at own risk. $*$ WARNING $*--$ SelectVuln Specify which Vulnerabilities $($ s $)$to scan $($ V $-$ ##### $).$For multiple Vulnerabilities, separate with commas. Can only be used with $--$ SelectSTIG. $--$ ExcludeVuln Specify which Vulnerabilities $($ s $)$to exclude from a scan $($ V $-$ ##### $).$For multiple Vulnerabilities, separate with commas. Can only be used with $--$ SelectSTIG. $--$ CiscoConfig Execute a scan of Cisco show tech files. May be a path to a single file, a folder, or combination using comma separation. $--$ ThrottleLimit Number of concurrent Evaluate $-$ STIG jobs to run when using $--$ CiscoConfig. Default is $10.--$ SMCollection Use to instruct Evaluate $-$ STIG which STIGManager Collection to upload results. $--$ SMPassphrase Passphrase to decrpyt private key if encrypted $.$ key is used for authentication to a STIGManager instance. $--$ ApplyTattoo Applies Evaluate $-$ STIG tattooing on system. Mainly for providing a detection method to configuration management tools. $--$ ListSupportedProducts Lists all products that Evaluate $-$ STIG currently supports. $--$ ListApplicableProducts Lists all Evaluate $-$ STIG supported STIGs that are applicable to the asset. $--$ Version Display Evaluate $-$ STIG version and running path. Malvin Cheboh $$ From: malvincheboh@yahoo.com To: Malvin ASSAA Sun, Aug $18$at $5$ : $42$PM # $!/$ bin $/$ bash #Evaluate $-$ STIG on Linux using Bash function usage $()\{$cat $<<$EOF $--$ ScanType $<$ "Unclassified" $|"$ Classified $">$Use to instruct Evaluate $-$ STIG the classification of the asset. Valid ScanTypes are "Unclassified" and "Classified". If not specified, default will be "Unclassified". $--$ Marking Use to optionally set Marking in CKL and on header $/$ footer of files generated by Evaluate $-$ STIG. Example use is "CUI" $/"$ Confidential $"/"$ Secret $"/"$ Top Secret" but accepts any marking string. $--$ VulnTimeout Maximum time in minutes to allow a singular Vuln ID check to run. $--$ AnswerKey Use to instruct Evaluate $-$ STIG which Answer Key to use for determining if a comment from an answer file should be applied. Answer Keys are per Vuln ID and user $-$ defined within the answer file. If not specified, default Answer Key will be "DEFAULT". Refer to documentation for more information. $--$ AFPath Path to Answer Files.