inspec/www/demo/app/responses/instructions.json

1 line
6.3 KiB
JSON
Raw Normal View History

[["InSpec Introduction","<p>Welcome to the interactive InSpec demo. You will learn how to use the command line and shell and get an introduction to all aspects of the language.</p>\n\n<p>To navigate this demo, type <code>next</code> to move forward and <code>prev</code> to move back.\nUse <code>clear</code> to clear the terminal screen.</p>\n"],["InSpec Help","<p>InSpec is called via</p>\n\n<p><code>\ninspec\n</code></p>\n\n<p>Try it out! You will see the help menu. You can also view it with:</p>\n\n<p><code>\ninspec help\n</code></p>\n"],["InSpec Help Subcommands","<p>This list of subcommands may be intimidating at first. It is easy to get help on any of these commands via <code>inspec help &lt;COMMAND&gt;</code>. Let&#39;s try it out for a few:</p>\n\n<p><code>\ninspec help version\n</code></p>\n\n<p><code>\ninspec help detect\n</code></p>\n\n<p><code>\ninspec help exec\n</code></p>\n"],["InSpec Version","<p>The easiest subcommand is <code>inspec version</code>. It tells you which version of InSpec is running.</p>\n"],["InSpec Check","<p>The most frequent use of InSpec is to execute profiles. You can find the <code>examples/profile</code> in the InSpec repository. Before executing it for the first time, let&#39;s verify if it is valid profile</p>\n\n<p><code>\ninspec check examples/profile\n</code></p>\n\n<p>This command is not only used for syntax testing and linting, but can also provide information on valid profiles including its version and control overview.</p>\n"],["InSpec Exec","<p>Let&#39;s try testing some profiles! To run the profile and test the local machine, type:</p>\n\n<p><code>\ninspec exec examples/profile\n</code></p>\n\n<p>The result is shown in the report.</p>\n"],["InSpec Exec SSH","<p>InSpec can also test your remote machines! Let&#39;s assume there is node <code>host.node</code> registered with SSH configured for user <code>bob</code> with a keyfile in the current directory (<code>bob.rsa</code>). You can run the same profile against this node via:</p>\n\n<p><code>\ninspec exec examples/profile -t ssh://bob@host.node -i bob.rsa\n</code></p>\n"],["InSpec Exec SSH (More Options)","<p>The wonderful <code>-t</code> option (or <code>--target</code>) is a shorthand for specifying all fields separately:</p>\n\n<p><code>\ninspec exec examples/profile -b ssh --host host.node --user bob -i bob.rsa\n</code></p>\n\n<p>For more options try:</p>\n\n<p><code>\ninspec help exec\n</code></p>\n"],["InSpec Exec WinRm","<p>We can also scan Windows machines. Let&#39;s assume <code>windows.node</code> is configured with WinRM access for user <code>alice</code> with a password <code>pass</code>. The command will now read:</p>\n\n<p><code>\ninspec exec examples/profile -t winrm://alice:pass@windows.node\n</code></p>\n"],["InSpec Exec WinRm SSL","<p>The previous example is not quite realistic. Most Windows nodes with WinRM are configured to use SSL. Let&#39;s assume the user also has a self-signed certificate. It would now read</p>\n\n<p><code>\ninspec exec examples/profile -t winrm://alice:pass@windows.node --ssl --self-signed\n</code></p>\n"],["InSpec Exec Docker","<p>InSpec also supports scanning containers. Let&#39;s try it with Docker and pick a container</p>\n\n<p><code>\ninspec exec examples/profile -t docker://abcdef123\n</code></p>\n"],["InSpec Detect","<p>InSpec is able to verify local and remote nodes before running tests. This is a utility command to check connections and get information on the target</p>\n\n<p><code>\ninspec detect\n</code></p>\n\n<p><code>\ninspec detect -t ssh://bob@host.node -i bob.rsa\n</code></p>\n"],["InSpec Shell Introduction","<p>Let&#39;s explore the InSpec shell. It&#39;s an integrated utility to test and debug the InSpec language. Before we start it interactively, let&#39;s try the command execution mode. It runs code and resources and prints the result.</p>\n\n<p>First, we start with the OS detection:</p>\n\n<p><code>\ninspec shell -c &#39;os.params&#39;\n</code></p>\n\n<p>Another example is to test an existing resource:</p>\n\n<p><code>\ninspec shell -c &#39;sshd_config.Protoc