LJK/Security Reference Manual
A Boolean value returned by this entrypoint indicates whether
processing of this report should continue. A value of FALSE will
terminate processing.
COMPENSATING_CONTROL_TOTAL
Accept total compensating control information for report formatting.
Format
COMPENSATING_CONTROL_TOTAL
POLICY_NUMBER, POLICY_NAME, GROUP_NAME, COMPENSATING_CONTROL_NAME,
COMMENT_INSTANCE, QUESTION_TEXT, INSTANCE_COUNT, COMPLETED_COUNT,
VIOLATION_COUNT
RETURNS
|
VMS usage:
|
boolean
|
|
type:
|
byte (unsigned)
|
|
access:
|
write only
|
|
mechanism:
|
by value
|
Arguments
POLICY_NUMBER
|
VMS usage:
|
longword_unsigned
|
|
type:
|
unsigned longword
|
|
access:
|
read only
|
|
mechanism:
|
by reference
|
Number that can be used as an index into an array of
policies used in the assessment whose
results are being reported.
POLICY_NAME
|
VMS usage:
|
char_string
|
|
type:
|
character string (maximum length 39)
|
|
access:
|
read only
|
|
mechanism:
|
by descriptor
|
Name of the LJK/Security policy to which these totals
apply.
GROUP_NAME
|
VMS usage:
|
char_string
|
|
type:
|
character string
|
|
access:
|
read only
|
|
mechanism:
|
by descriptor
|
Name of the Compensating Control group under which this item is
classified.
COMPENSATING_CONTROL_NAME
|
VMS usage:
|
char_string
|
|
type:
|
character string
|
|
access:
|
read only
|
|
mechanism:
|
by descriptor
|
Name of the Compensating Control to which this call applies.
COMMENT_INSTANCE
|
VMS usage:
|
char_string
|
|
type:
|
character string (maximum length 80)
|
|
access:
|
read only
|
|
mechanism:
|
by descriptor
|
The particular external rule which is the subject of this entrypoint
call.
QUESTION_TEXT
|
VMS usage:
|
char_string
|
|
type:
|
character string
|
|
access:
|
read only
|
|
mechanism:
|
by descriptor
|
Text of this Compensating Control statement.
INSTANCE_COUNT
|
VMS usage:
|
longword_unsigned
|
|
type:
|
unsigned longword
|
|
access:
|
read only
|
|
mechanism:
|
by reference
|
Number of nodes to which this combination of Compensating Control and
comment instance applies.
COMPLETED_COUNT
|
VMS usage:
|
longword_unsigned
|
|
type:
|
unsigned longword
|
|
access:
|
read only
|
|
mechanism:
|
by reference
|
Number of nodes on which this combination of Compensating Control and
comment instance has been completed.
VIOLATION_COUNT
|
VMS usage:
|
longword_unsigned
|
|
type:
|
unsigned longword
|
|
access:
|
read only
|
|
mechanism:
|
by reference
|
Number of violations found for this combination of Compensating Control
and comment instance (always zero).
Description
This entrypoint provides total numbers of the following for the
Compensating Controls method:
- Instances Number of nodes to which this call
pertains.
- Completed Number of nodes on which this test was
completed.
- Violations Number of violations (always zero) found by this testing.
with each call to the entrypoint summarizing the results for a single
grouping (by Test, Comment Instance, Comment Instance then Test,
Remediation Responsibility or Remediation Completion Date).
A Boolean value returned by this entrypoint indicates whether
processing of this report should continue. A value of FALSE will
terminate processing.
COVERAGE
Accept coverage information for report formatting.
Format
COVERAGE
ENTITY_NAME, TOTAL_COUNT, ASSESSED_COUNT
RETURNS
|
VMS usage:
|
boolean
|
|
type:
|
byte (unsigned)
|
|
access:
|
write only
|
|
mechanism:
|
by value
|
Arguments
ENTITY_NAME
|
VMS usage:
|
char_string
|
|
type:
|
character string (maximum length 80)
|
|
access:
|
read only
|
|
mechanism:
|
by descriptor
|
Name of the class of objects for which coverage is being enumerated by
this call.
TOTAL_COUNT
|
VMS usage:
|
longword_unsigned
|
|
type:
|
unsigned longword
|
|
access:
|
read only
|
|
mechanism:
|
by reference
|
Number of Objects of this type that exist.
The number 2147483647 (hexadecimal 7FFFFFFF) means "2147483647 or more"
since particularly on VAX many languages cannot handle 64 bit numbers.
The number -1 (hexadecimal FFFFFFFF) means "unknown".
ASSESSED_COUNT
|
VMS usage:
|
longword_unsigned
|
|
type:
|
unsigned longword
|
|
access:
|
read only
|
|
mechanism:
|
by reference
|
Number of Objects of this type that were assessed.
The number 2147483647 (hexadecimal 7FFFFFFF) means "2147483647 or more"
since particularly on VAX many languages cannot handle 64 bit numbers.
Description
This entrypoint provides statistics regarding the number of objects of
various types which were subjected to automatic testing.
A Boolean value returned by this entrypoint indicates whether
processing of this report should continue. A value of FALSE will
terminate processing.
FINALIZE
Finish report formatting.
Format
success=FINALIZE
RETURNS
|
VMS usage:
|
boolean
|
|
type:
|
byte (unsigned)
|
|
access:
|
write only
|
|
mechanism:
|
by value
|
Description
This entrypoint provides the final opportunity for processing by your
Report Formatting module, perhaps to summarize data from all prior
calls.
Your Report Formatting module can also use this entrypoint to clean up
temporary files, close other channels, etc.
As a "False" result returned from earlier entrypoints causes
processing to stop midstream, a "False" returned from the
FINALIZE entrypoint indicates a failure (for instance returning a
failure status to DCL).
A Boolean value returned by this entrypoint indicates the overall
success of report generation. A value of FALSE will return an error to
DCL if the LJK/SECURITY REPORT command was issued (as
distinguished from the REPORT command in subsystem mode).
INITIALIZE
Initialize for report formatting.
Format
INITIALIZE
PROVIDE_NODE_TOTAL, PROVIDE_INFO_TOTAL, PROVIDE_AUTOMATIC_TOTAL,
PROVIDE_MANUAL_EXAMINATION_TOTAL, PROVIDE_INTERVIEW_TOTAL,
PROVIDE_INVASIVE_TESTING_TOTAL, PROVIDE_COMPENSATING_CONTROL_TOTAL,
PROVIDE_NODE_DETAIL, PROVIDE_INFO_DETAIL, PROVIDE_AUTOMATIC_DETAIL,
PROVIDE_MANUAL_EXAMINATION_DETAIL, PROVIDE_INTERVIEW_DETAIL,
PROVIDE_INVASIVE_TESTING_DETAIL, PROVIDE_COMPENSATING_CONTROL_DETAIL,
PROVIDE_COVERAGE, PROVIDE_MANUAL_EXAMINATION_UNANSWERED,
PROVIDE_INTERVIEW_UNANSWERED, PROVIDE_INVASIVE_TESTING_UNANSWERED,
PROVIDE_SUCCESS_IN_TOTALS, INCLUDE_DETAIL, OUTPUT_ROUTINE,
INCLUDE_SUMMARY, INCLUDE_REMEDIATION, GROUPED_BY_TEST,
GROUPED_BY_COMMENT_INSTANCE, GROUPED_BY_COMMENT_INSTANCE_THEN_TEST,
GROUPED_BY_REMEDIATION_RESPONSIBILITY,
GROUPED_BY_REMEDIATION_COMPLETION_DATE, STATUS_ONLY, SHOW_TESTNAMES,
ASSESSMENT_NAME, OUTPUT_FILESPEC, FORMAT, COMMAND, TITLE
Arguments
PROVIDE_NODE_TOTAL
|
VMS usage:
|
boolean
|
|
type:
|
byte (unsigned)
|
|
access:
|
read-write
|
|
mechanism:
|
by reference
|
Clear this to suppress calls to entrypoint NODE_TOTAL.
PROVIDE_INFO_TOTAL
|
VMS usage:
|
boolean
|
|
type:
|
byte (unsigned)
|
|
access:
|
read-write
|
|
mechanism:
|
by reference
|
Clear this to suppress calls to entrypoint INFO_TOTAL.
PROVIDE_AUTOMATIC_TOTAL
|
VMS usage:
|
boolean
|
|
type:
|
byte (unsigned)
|
|
access:
|
read-write
|
|
mechanism:
|
by reference
|
Clear this to suppress calls to entrypoint AUTOMATIC_TOTAL.
PROVIDE_MANUAL_EXAMINATION_TOTAL
|
VMS usage:
|
boolean
|
|
type:
|
byte (unsigned)
|
|
access:
|
read-write
|
|
mechanism:
|
by reference
|
Clear this to suppress calls to entrypoint MANUAL_EXAMINATION_TOTAL.
PROVIDE_INTERVIEW_TOTAL
|
VMS usage:
|
boolean
|
|
type:
|
byte (unsigned)
|
|
access:
|
read-write
|
|
mechanism:
|
by reference
|
Clear this to suppress calls to entrypoint INTERVIEW_TOTAL.
PROVIDE_INVASIVE_TESTING_TOTAL
|
VMS usage:
|
boolean
|
|
type:
|
byte (unsigned)
|
|
access:
|
read-write
|
|
mechanism:
|
by reference
|
Clear this to suppress calls to entrypoint INVASIVE_TESTING_TOTAL.
PROVIDE_COMPENSATING_CONTROL_TOTAL
|
VMS usage:
|
boolean
|
|
type:
|
byte (unsigned)
|
|
access:
|
read-write
|
|
mechanism:
|
by reference
|
Clear this to suppress calls to entrypoint COMPENSATING_CONTROL_TOTAL.
PROVIDE_NODE_DETAIL
|
VMS usage:
|
boolean
|
|
type:
|
byte (unsigned)
|
|
access:
|
read-write
|
|
mechanism:
|
by reference
|
Clear this to suppress calls to entrypoint NODE_DETAIL.
PROVIDE_INFO_DETAIL
|
VMS usage:
|
boolean
|
|
type:
|
byte (unsigned)
|
|
access:
|
read-write
|
|
mechanism:
|
by reference
|
Clear this to suppress calls to entrypoint INFO_DETAIL.
PROVIDE_AUTOMATIC_DETAIL
|
VMS usage:
|
boolean
|
|
type:
|
byte (unsigned)
|
|
access:
|
read-write
|
|
mechanism:
|
by reference
|
Clear this to suppress calls to entrypoint AUTOMATIC_DETAIL.
PROVIDE_MANUAL_EXAMINATION_DETAIL
|
VMS usage:
|
boolean
|
|
type:
|
byte (unsigned)
|
|
access:
|
read-write
|
|
mechanism:
|
by reference
|
Clear this to suppress calls to entrypoint MANUAL_EXAMINATION_DETAIL.
PROVIDE_INTERVIEW_DETAIL
|
VMS usage:
|
boolean
|
|
type:
|
byte (unsigned)
|
|
access:
|
read-write
|
|
mechanism:
|
by reference
|
Clear this to suppress calls to entrypoint INTERVIEW_DETAIL.
PROVIDE_INVASIVE_TESTING_DETAIL
|
VMS usage:
|
boolean
|
|
type:
|
byte (unsigned)
|
|
access:
|
read-write
|
|
mechanism:
|
by reference
|
Clear this to suppress calls to entrypoint INVASIVE_TESTING_DETAIL.
PROVIDE_COMPENSATING_CONTROL_DETAIL
|
VMS usage:
|
boolean
|
|
type:
|
byte (unsigned)
|
|
access:
|
read-write
|
|
mechanism:
|
by reference
|
Clear this to suppress calls to entrypoint COMPENSATING_CONTROL_DETAIL.
PROVIDE_COVERAGE
|
VMS usage:
|
boolean
|
|
type:
|
byte (unsigned)
|
|
access:
|
read-write
|
|
mechanism:
|
by reference
|
Clear this to suppress calls to entrypoint COVERAGE.
PROVIDE_MANUAL_EXAMINATION_UNANSWERED
|
VMS usage:
|
boolean
|
|
type:
|
byte (unsigned)
|
|
access:
|
read-write
|
|
mechanism:
|
by reference
|
Clear this to suppress calls to entrypoint
MANUAL_EXAMINATION_UNANSWERED.
PROVIDE_INTERVIEW_UNANSWERED
|
VMS usage:
|
boolean
|
|
type:
|
byte (unsigned)
|
|
access:
|
read-write
|
|
mechanism:
|
by reference
|
Clear this to suppress calls to entrypoint INTERVIEW_UNANSWERED.
PROVIDE_INVASIVE_TESTING_UNANSWERED
|
VMS usage:
|
boolean
|
|
type:
|
byte (unsigned)
|
|
access:
|
read-write
|
|
mechanism:
|
by reference
|
Clear this to suppress calls to entrypoint INVASIVE_TESTING_UNANSWERED.
PROVIDE_SUCCESS_IN_TOTALS
|
VMS usage:
|
boolean
|
|
type:
|
byte (unsigned)
|
|
access:
|
read-write
|
|
mechanism:
|
by reference
|
Clear this to suppress those calls to entrypoints
PROVIDE_AUTOMATIC_TOTAL, PROVIDE_INTERVIEW_TOTAL,
PROVIDE_INVASIVE_TESTING_TOTAL, and PROVIDE_MANUAL_EXAMINATION_TOTAL
that do not include any violations.
While calls with no violations could be ignored within the entrypoint,
clearing this flag saves considerable overhead within LJK/Security and
speeds the LJK/SECURITY REPORT command.
OUTPUT_ROUTINE
|
VMS usage:
|
procedure
|
|
type:
|
procedure entry mask
|
|
access:
|
read only
|
|
mechanism:
|
by reference
|
Address of a routine to handle text output when /OUTPUT= was not
specified. The routine expects two parameters, the first of which is
the address of a string descriptor of the text to be output and the
second of which is a collation string to be used in grouping the output
for the Window interface. Output records to be grouped together should
have the same collation string, and collation strings should be chosen
in ascending ASCII sort order.
INCLUDE_DETAIL
|
VMS usage:
|
boolean
|
|
type:
|
byte (unsigned)
|
|
access:
|
read only
|
|
mechanism:
|
by reference
|
Command indicated Detail information is to be provided.
INCLUDE_SUMMARY
|
VMS usage:
|
boolean
|
|
type:
|
byte (unsigned)
|
|
access:
|
read only
|
|
mechanism:
|
by reference
|
Command indicated Summary information is to be provided.
INCLUDE_REMEDIATION
|
VMS usage:
|
boolean
|
|
type:
|
byte (unsigned)
|
|
access:
|
read only
|
|
mechanism:
|
by reference
|
Command indicated Remediation information is to be provided.
GROUPED_BY_TEST
|
VMS usage:
|
boolean
|
|
type:
|
byte (unsigned)
|
|
access:
|
read only
|
|
mechanism:
|
by reference
|
Each call of this entrypoint is for a single Test.
GROUPED_BY_COMMENT_INSTANCE
|
VMS usage:
|
boolean
|
|
type:
|
byte (unsigned)
|
|
access:
|
read only
|
|
mechanism:
|
by reference
|
Each call of this entrypoint is for a single Comment Instance.
GROUPED_BY_COMMENT_INSTANCE_THEN_TEST
|
VMS usage:
|
boolean
|
|
type:
|
byte (unsigned)
|
|
access:
|
read only
|
|
mechanism:
|
by reference
|
Each call of this entrypoint is for a single combination of Comment
Instance and Test.
GROUPED_BY_REMEDIATION_RESPONSIBILITY
|
VMS usage:
|
boolean
|
|
type:
|
byte (unsigned)
|
|
access:
|
read only
|
|
mechanism:
|
by reference
|
Each call of this entrypoint is for a single Remediation Responsibility.
GROUPED_BY_REMEDIATION_COMPLETION_DATE
|
VMS usage:
|
boolean
|
|
type:
|
byte (unsigned)
|
|
access:
|
read only
|
|
mechanism:
|
by reference
|
Each call of this entrypoint is for a single Remediation Completion
Date.
STATUS_ONLY
|
VMS usage:
|
boolean
|
|
type:
|
byte (unsigned)
|
|
access:
|
read only
|
|
mechanism:
|
by reference
|
Command indicated only Status information is to be provided.
SHOW_TESTNAMES
|
VMS usage:
|
boolean
|
|
type:
|
byte (unsigned)
|
|
access:
|
read only
|
|
mechanism:
|
by reference
|
Command indicated Test Name information is to be provided.
ASSESSMENT_NAME
|
VMS usage:
|
char_string
|
|
type:
|
character string (maximum length 39)
|
|
access:
|
read only
|
|
mechanism:
|
by descriptor
|
Name of the assessment for this invocation of the
Report Formatting module.
OUTPUT_FILESPEC
|
VMS usage:
|
char_string
|
|
type:
|
character string (maximum length 255)
|
|
access:
|
read only
|
|
mechanism:
|
by descriptor
|
Filespec to be used for direct output by the Report Formatting module.
FORMAT
|
VMS usage:
|
char_string
|
|
type:
|
character string
|
|
access:
|
read only
|
|
mechanism:
|
by descriptor
|
Value of the /FORMAT= character string for interpretation specific to a
particular Report Formatting module.
COMMAND
|
VMS usage:
|
char_string
|
|
type:
|
character string
|
|
access:
|
read only
|
|
mechanism:
|
by descriptor
|
The complete command line that was entered to create this report. In
the case of reports initiated via the Window or Menu interface, the
string provided will be a synthesized command line equivalent.
TITLE
|
VMS usage:
|
char_string
|
|
type:
|
character string (maximum length 80)
|
|
access:
|
read only
|
|
mechanism:
|
by descriptor
|
The title of the report, specified by the first non-blank of:
- The /TITLE qualifier to the LJK/SECURITY REPORT command.
- The /TITLE qualifier to the LJK/SECURITY MODIFY
ASSESSMENT command.
- The limit (VMS, REPORT, REPORTNAM)
value from policies (in order) used
in the assessment.
- The string "Assessment <assessment-name> from
LJK/Security".
Description
A single call to this entrypoint at the start of processing conveys to
your Report Formatting module general characteristics of the user
command to produce a report, such as what should be included.
But another major purpose of this entrypoint is for your Report
Formatting module to indicate which of the possible later calls
LJK/Security should make to your entrypoints. This is done with a
series of Boolean input-output parameters (passed by reference). If
your Report Formatting module does not require certain input (typically
based on the general characteristics of the user command to produce a
report), your INITIALIZE entrypoint should clear the corresponding
Boolean input-output parameter (name starting with
"PROVIDE_"). Doing so minimizes the work that LJK/Security
must do in preparing data for your Report Formatting module before
making subsequent calls to your entrypoints, thus speeding up the
LJK/SECURITY REPORT command.
In some cases the PROVIDE_* Boolean input-output parameters will
already be set to FALSE. When that is the case, attempting to set those
values to True (1) will not be effective, because the limit on the set
of possible calls to your Report Formatting module is based on the user
command or the nature of the assessment.
The INITIALIZE entrypoint differs from all other Report Formatting
entrypoints in two regards:
- It makes use of input-output parameters to send information back to
LJK/Security.
- It does not provide a status return. All other entrypoints require
a Boolean value be returned to indicate whether processing should
continue.
The following Boolean flag parameters are mutually exclusive:
- GROUPED_BY_TEST
- GROUPED_BY_COMMENT_INSTANCE
- GROUPED_BY_COMMENT_INSTANCE_THEN_TEST
- GROUPED_BY_REMEDIATION_RESPONSIBILITY
- GROUPED_BY_REMEDIATION_COMPLETION_DATE
indicating:
- the manner in which Total results are grouped (within a Method)
- the order in which Details results are presented (within a Method)
Any value returned from this entrypoint will be ignored.