From 83ed8122ef6c4ca0161b73183bb0ac056bf396e4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20Sj=C3=B6gren?= Date: Thu, 18 Jan 2018 11:28:36 +0100 Subject: [PATCH] update the README about community checks MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Thomas Sjögren --- README.md | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index a212808..004b3c8 100644 --- a/README.md +++ b/README.md @@ -50,11 +50,11 @@ version 1.13.0 or later. ```sh -h optional Print this help message -l FILE optional Log output in FILE - -c CHECK optional Run specific check + -c CHECK optional Run specific check or group of checks ``` -By default the Docker Bench for Security script will run all available tests and -produce logs in the current directory named `docker-bench-security.sh.log.json` +By default the Docker Bench for Security script will run all available CIS tests +and produce logs in the current directory named `docker-bench-security.sh.log.json` and `docker-bench-security.sh.log`. The CIS based checks are named `check_
_`, e.g. `check_2_6` and community contributed checks are named `check_c_`. @@ -62,6 +62,10 @@ A complete list of checks are present in [functions_lib.sh](functions_lib.sh). `sh docker-bench-security.sh -l /tmp/docker-bench-security.sh.log -c check_2_2` +Note that when submitting checks, provide information why it is a +reasonable test to add and please include some kind of official documentation +verifying that information. + ## Building Docker Bench for Security If you wish to build and run this container yourself, you can follow the