remvoe default vpc region

fix inventory
fix cred
2023-08-21 15:43:53 -04:00 · 2023-08-17 15:13:43 -04:00 · 2023-08-17 15:12:12 -04:00 · 2023-08-17 11:55:50 -04:00 · 2023-08-15 15:44:40 -04:00 · 2023-08-15 15:40:20 -04:00
328 changed files with 40262 additions and 3473 deletions
--- a/.ansible-lint
+++ b/.ansible-lint
@@ -0,0 +1,4 @@
+---
+exclude_paths:
+  - collections/ansible_collections/demo/compliance/roles/
+  - .github/
--- a/.github/ISSUE_TEMPLATE/bug_report.yaml
+++ b/.github/ISSUE_TEMPLATE/bug_report.yaml
@@ -1,18 +0,0 @@
---
-name: Cat Lady Membership Application
-description: Tell us what qualifies you to be a registered cat fancier.
-body:
- type: textarea
-  attributes:
-    label: Your favorite cat
-    placeholder: "Examples: Garfield, Maru, Mr. Mistoffolees"
-  validations:
-    required: true
- type: dropdown
-  attributes:
-    label: How many rooms in your house are dedicated to cats?
-    options:
-    - 1
-    - 2
-    - All of them
-issue_body: false
--- a/.github/workflows/ansible-lint.yml
+++ b/.github/workflows/ansible-lint.yml
@@ -0,0 +1,25 @@
+---
+name: Ansible Lint
+on:
+ - push
+ - pull_request
+
+env:
+  ANSIBLE_GALAXY_SERVER_LIST: ah,galaxy
+  ANSIBLE_GALAXY_SERVER_AH_URL: https://console.redhat.com/api/automation-hub/
+  ANSIBLE_GALAXY_SERVER_AH_AUTH_URL: https://sso.redhat.com/auth/realms/redhat-external/protocol/openid-connect/token
+  ANSIBLE_GALAXY_SERVER_AH_TOKEN: ${{ secrets.ANSIBLE_GALAXY_SERVER_AH_TOKEN }}
+  ANSIBLE_GALAXY_SERVER_GALAXY_URL: https://galaxy.ansible.com/
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+
+    steps:
+      # Important: This sets up your GITHUB_WORKSPACE environment variable
+      - uses: actions/checkout@v3
+        with:
+          fetch-depth: 0 # needed for progressive mode to work
+
+      - name: Run ansible-lint
+        uses: ansible/ansible-lint-action@v6.11.0
--- a/.github/workflows/linter.yml.old
+++ b/.github/workflows/linter.yml.old
@@ -0,0 +1,50 @@
+---
+###########################
+###########################
+## Linter GitHub Actions ##
+###########################
+###########################
+name: Lint Code Base
+
+#
+# Documentation:
+# https://help.github.com/en/articles/workflow-syntax-for-github-actions
+#
+
+#############################
+# Start the job on all push #
+#############################
+on: [push, pull_request]
+
+###############
+# Set the Job #
+###############
+jobs:
+  build:
+    # Name the Job
+    name: Lint Code Base
+    # Set the agent to run on
+    runs-on: ubuntu-latest
+
+    ##################
+    # Load all steps #
+    ##################
+    steps:
+      ##########################
+      # Checkout the code base #
+      ##########################
+      - name: Checkout Code
+        uses: actions/checkout@v2
+        with:
+          # Full git history is needed to get a proper list of changed files within `super-linter`
+          fetch-depth: 0
+
+      ################################
+      # Run Linter against code base #
+      ################################
+      - name: Lint Code Base
+        uses: github/super-linter@v4
+        env:
+          VALIDATE_ALL_CODEBASE: false
+          DEFAULT_BRANCH: main
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
--- a/.gitignore
+++ b/.gitignore
@@ -6,3 +6,4 @@ choose_demo_example_azure.yml
 choose_demo_example_aws.yml
 .ansible.cfg
 *.gz
+
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -0,0 +1,46 @@
+# Contribution Guidelines
+This document aims to outline the requirements for the various forms of contribution for this project.
+
+**ALL** contributions are subject to review via pull request
+
+## Pull Requests
+1) Ensure the "base repository" is set to "ansible/product-demos".
+
+### Pull Request Guidelines
+- PRs should include the playbook/demo and required entry in corresponding `<demo>/setup.yml`.
+- PRs should include documentation in corresponding `<demo>/README.md`.
+- PRs should be rebased against the `main` branch to avoid conflicts.
+- PRs should not impact more than a single directory/demo section.
+- PRs should not rely on external infrastructure or configuration unless the dependency is automated or specified in the `user_message` of `setup.yml`.
+
+## Adding a New Demo
+1) Create a new branch based on main. (eg. `git checkout -b <branch name>`)
+2) Add your playbook to the appropriate demo/section subdirectory.
+3) Make any changes needed to match the existing standards in the directory.
+   1) Ex: Parameterized hosts
+   ```ansible
+   hosts: "{{ HOSTS | default('windows') }}"
+   ```
+4) Create an entry for your playbook in your subdirectories `setup.yml`
+   1) You can copy paste an existing one and edit it.
+   2) Ensure you edit the name, playbook path, survey etc.
+5) Add any needed roles/collections to the [requirements.yml](/collections/requirements.yml)
+6) Test via RHPDS, specify your branch name within the project configuration.
+
+## New Demo Section/Category
+1) Create a new subdirectory with no spaces
+2) Create a new setup.yml copying appropriate elements from another
+   - Below is a sample skeleton for a new setup.yml
+    ```ansible
+    ---
+    user_message: ''
+
+    controller_components:
+    - job_templates
+
+    controller_templates:
+    ...
+    ```
+   - `controller_components` can be any of the roles defined [here](https://github.com/redhat-cop/controller_configuration/tree/devel/roles)
+   - Add variables for each component listed
+3) Include a README.md in the subdirectory
--- a/README.md
+++ b/README.md
@@ -1,268 +1,39 @@
 # Official Ansible Product Demos

-This repo currently under construction and working on a minimal viable demo for testing purposes
+This is a centralized location for all Ansible Product Demos going forward. 

-# Table of contents
+| Demo Name | Description |
+|-----------|-------------|
+| [Linux](linux/README.md) | Repository of demos for RHEL and Linux automation |
+| [Windows](windows/README.md) | Repository of demos for Windows Server automation |
+| [Cloud](cloud/README.md) | Demo for infrastructure and cloud provisioning automation |
+| [Network](network/README.md) | Ansible Network automation demos |

-   * [How to use](#how-to-use)
-      * [1. Provide login information and choose demo](#1-provide-login-information-and-choose-demo)
-      * [2. Run Ansible Playbook](#2-run-ansible-playbook)
-   * [Demo Repository](#demo-repository)
-      * [Infrastructure Demos](#infrastructure-demos)
-      * [Network Demos](#network-demos)
-      * [Security Demos](#security-demos)
-      * [Developer Demos](#developer-demos)
-   * [Contribute](#contribute)
-   * [Notes](#notes)
+## Contributions

-# How to use
+If you would like to contribute to this project please refer to [contribution guide](CONTRIBUTING.md) for best practices.

-## 1. Provide login information and choose demo
+## Using this project

-  - Modify the `choose_demo.yml` file that is included in this repo with the username, password and IP address (or DNS name) of your Ansible Tower
-  - Choose the demo name you want from the table below (or choose `all`)
+  > This project is tested for compatibility with AAP2 Linux Automation Workshop available to Red Hat Employees and Partners. To use with other Ansible Controller installations, review the [pre-requisite documentation](https://github.com/RedHatGov/ansible-tower-samples/tree/product-demos).

-## 2. Run Ansible Playbook
+1. First you must create a credential for [Automation Hub](https://console.redhat.com/ansible/automation-hub/) to successfully sync collections used by this project.
+   
+   1. In the Credentials section of the Controller UI, add a new Credential called `Automation Hub` with the type `Ansible Galaxy/Automation Hub API Token`
+   2. You can obtain a token [here](https://console.redhat.com/ansible/automation-hub/token). This page will also provide the Server URL and Auth Server URL.
+   3. Next, click on Organizations and edit the `Default` organization. Add your `Automation Hub` credential to the `Galaxy Credentials` section. Don't forget to click Save!!

-```
-ansible-playbook playbooks/install_demo.yml -e @choose_demo.yml
-```
+2. If it has not been created for you, add a Project called `Ansible official demo project` with this repo as a source. NOTE: if you are using a fork, be sure that you have the correct URL. Update the project.
+3. Finally, Create a Job Template called `Setup` with the following configuration:
+  
+     - Name: Setup
+     - Inventory: Demo Inventory
+     - Exec Env: Control Plane EE
+     - Playbook: setup_demo.yml
+     - Credentials:

-# Demo Repository
-
-This repository currently holds 21 demos.
-
-## Infrastructure Demos
-<table>
-  <tr>
-    <th>Demo Name</th>
-    <th>Author</th>
-    <th>install_demo.yml value</th>
-    <th>Description</th>
-    <th>Video Walkthrough</th>
-    <th>Workshop Types</th>
-  </tr>
-  <tr>
-    <td><a href="https://github.com/ansible/product-demos/blob/master/docs/infrastructure/azure_provision_vm.md">INFRASTRUCTURE / Azure create a MySQL Server</a></td>
-    <td>David Rojas</td>
-    <td><pre>demo: azure_mysql_server</pre></td>
-    <td>Provision MySQL server on Azure with Ansible Tower Survey and Environmental variables</td>
-    <td>Not available </td>
-    <td><ul><li>windows</li><li>demo</li></ul></td>
-  </tr>
-  <tr>
-    <td><a href="https://github.com/ansible/product-demos/blob/master/docs/infrastructure/azure_provision_vm.md">INFRASTRUCTURE / Azure Provision VM</a></td>
-    <td>David Rojas</td>
-    <td><pre>demo: azure_provision_vm</pre></td>
-    <td>Provision RHEL VM on Azure with Ansible Tower Survey and Environmental variables</td>
-    <td>Not available </td>
-    <td><ul><li>windows</li><li>demo</li></ul></td>
-  </tr>
-  <tr>
-    <td><a href="https://github.com/ansible/product-demos/blob/master/docs/infrastructure/chocolatey_app_install.md">INFRASTRUCTURE / Chocolatey App Install</a></td>
-    <td>David Rojas</td>
-    <td><pre>demo: chocolatey_app_install</pre></td>
-    <td>Install various application packages using Chocolatey from a survey</td>
-    <td>Not available </td>
-    <td><ul><li>windows</li><li>demo</li></ul></td>
-  </tr>
-  <tr>
-    <td><a href="https://github.com/ansible/product-demos/blob/master/docs/infrastructure/chocolatey_config.md">INFRASTRUCTURE / Chocolatey Config</a></td>
-    <td>David Rojas</td>
-    <td><pre>demo: chocolatey_config</pre></td>
-    <td>Configure Chocolatey parameters that require not just enabling but adding values</td>
-    <td>Not available </td>
-    <td><ul><li>windows</li><li>demo</li></ul></td>
-  </tr>
-  <tr>
-    <td><a href="https://github.com/ansible/product-demos/blob/master/docs/infrastructure/chocolatey_features.md">INFRASTRUCTURE / Chocolatey Features Config</a></td>
-    <td>David Rojas</td>
-    <td><pre>demo: chocolatey_features</pre></td>
-    <td>Enable or disable various Chocolatey features</td>
-    <td>Not available </td>
-    <td><ul><li>windows</li><li>demo</li></ul></td>
-  </tr>
-  <tr>
-    <td><a href="https://github.com/ansible/product-demos/blob/master/docs/infrastructure/deploy_application.md">INFRASTRUCTURE / Deploy Application</a></td>
-    <td>Sean Cavanaugh</td>
-    <td><pre>demo: deploy_application</pre></td>
-    <td>install yum applications on Linux with a survey</td>
-    <td><a href="https://www.youtube.com/watch?v=pU8ZgSBuEJw&list=PLdu06OJoEf2bp-PNtxPP_2n7Avkax8TED">Video Link</a></td>
-    <td><ul><li>f5</li><li>rhel</li><li>rhel_90</li><li>demo</li></ul></td>
-  </tr>
-  <tr>
-    <td>INFRASTRUCTURE / Fact Scan</td>
-    <td>Will Tome</td>
-    <td><pre>demo: fact_scan</pre></td>
-    <td>scan facts for Linux and Windows systems</td>
-    <td>Not available </td>
-    <td><ul><li>f5</li><li>rhel</li><li>windows</li><li>rhel_90</li><li>demo</li></ul></td>
-  </tr>
-  <tr>
-    <td>INFRASTRUCTURE / Gather Debug Info</td>
-    <td>Will Tome</td>
-    <td><pre>demo: debug_info</pre></td>
-    <td>provide info for memory and CPU usage for specified systems</td>
-    <td>Not available </td>
-    <td><ul><li>f5</li><li>rhel</li><li>rhel_90</li><li>demo</li></ul></td>
-  </tr>
-  <tr>
-    <td>INFRASTRUCTURE / Grant Sudo</td>
-    <td>Will Tome</td>
-    <td><pre>demo: grant_sudo</pre></td>
-    <td>grant sudo privledges for specified time via survey</td>
-    <td>Not available </td>
-    <td><ul><li>f5</li><li>rhel</li><li>rhel_90</li><li>demo</li></ul></td>
-  </tr>
-  <tr>
-    <td>INFRASTRUCTURE / Patching</td>
-    <td>Will Tome</td>
-    <td><pre>demo: patching</pre></td>
-    <td>patching for Linux servers</td>
-    <td>Not available </td>
-    <td><ul><li>f5</li><li>rhel</li><li>rhel_90</li><li>demo</li></ul></td>
-  </tr>
-  <tr>
-    <td>INFRASTRUCTURE / Red Hat Insights</td>
-    <td>Sean Cavanaugh</td>
-    <td><pre>demo: insights</pre></td>
-    <td>install and configure Red Hat Insights</td>
-    <td>Not available </td>
-    <td><ul><li>f5</li><li>rhel</li><li>rhel_90</li><li>demo</li></ul></td>
-  </tr>
-  <tr>
-    <td>INFRASTRUCTURE / Security Patching</td>
-    <td>Will Tome</td>
-    <td><pre>demo: security_patching</pre></td>
-    <td>upgrade all yum packages for security related except kernel</td>
-    <td>Not available </td>
-    <td><ul><li>f5</li><li>rhel</li><li>rhel_90</li><li>demo</li></ul></td>
-  </tr>
-  <tr>
-    <td>INFRASTRUCTURE / Turn off IBM Community Grid</td>
-    <td>Sean Cavanaugh</td>
-    <td><pre>demo: turn_off_community_grid</pre></td>
-    <td>this role turns off IBM Community Grid boinc-client</td>
-    <td>Not available </td>
-    <td><ul><li>f5</li><li>rhel</li><li>rhel_90</li><li>demo</li></ul></td>
-  </tr>
-  <tr>
-    <td><a href="https://github.com/ansible/product-demos/blob/master/docs/infrastructure/windows_regedit_legal_notice.md">INFRASTRUCTURE / Windows regedit legal notice</a></td>
-    <td>David Rojas</td>
-    <td><pre>demo: windows_regedit_legal_notice</pre></td>
-    <td>using regedit modify the legal notice</td>
-    <td>Not available </td>
-    <td><ul><li>windows</li><li>demo</li></ul></td>
-  </tr>
-  <tr>
-    <td>SERVER / Windows IIS Server</td>
-    <td>Colin McNaughton</td>
-    <td><pre>demo: windows_iis</pre></td>
-    <td>install webserver on Windows Server with a survey</td>
-    <td>Not available </td>
-    <td><ul><li>windows</li><li>demo</li></ul></td>
-  </tr>
-</table>
-
-## Network Demos
-
-<table>
-  <tr>
-    <th>Demo Name</th>
-    <th>Author</th>
-    <th>install_demo.yml value</th>
-    <th>Description</th>
-    <th>Video Walkthrough</th>
-    <th>Workshop Types</th>
-  </tr>
-  <tr>
-    <td>Cisco IOS logging config audit/remediation</td>
-    <td>Colin McCarthy</td>
-    <td><pre>demo: configlet_logging</pre></td>
-    <td>Cisco IOS logging config audit/remediation</td>
-    <td>Not available </td>
-    <td><ul><li>network</li><li>demo</li></ul></td>
-  </tr>
-  <tr>
-    <td>Cisco IOS ntp config audit/remediation</td>
-    <td>Colin McCarthy</td>
-    <td><pre>demo: configlet_ntp</pre></td>
-    <td>Cisco IOS ntp config audit/remediation</td>
-    <td>Not available </td>
-    <td><ul><li>network</li><li>demo</li></ul></td>
-  </tr>
-  <tr>
-    <td>NETWORK / WORKFLOW - F5 BIG-IP</td>
-    <td>Sean Cavanaugh</td>
-    <td><pre>demo: f5_bigip_workflow</pre></td>
-    <td>Workflow for F5 BIG-IP to setup a VIP (Virtual IP) load balancer between two RHEL webservers</td>
-    <td>Not available </td>
-    <td><ul><li>f5</li><li>demo</li></ul></td>
-  </tr>
-</table>
-
-## Security Demos
-
-<table>
-  <tr>
-    <th>Demo Name</th>
-    <th>Author</th>
-    <th>install_demo.yml value</th>
-    <th>Description</th>
-    <th>Video Walkthrough</th>
-    <th>Workshop Types</th>
-  </tr>
-  <tr>
-    <td>SECURITY / Create Openscap Report</td>
-    <td>Sean Cavanaugh</td>
-    <td><pre>demo: openscap</pre></td>
-    <td>Create HTML report using SCAP Security Guide (SSG)</td>
-    <td>Not available </td>
-    <td><ul><li>f5</li><li>rhel</li><li>rhel_90</li><li>demo</li></ul></td>
-  </tr>
-  <tr>
-    <td>SECURITY / Hardening</td>
-    <td>Will Tome</td>
-    <td><pre>demo: hardening</pre></td>
-    <td>hardening for Linux servers</td>
-    <td>Not available </td>
-    <td><ul><li>f5</li><li>rhel</li><li>rhel_90</li><li>demo</li></ul></td>
-  </tr>
-</table>
-
-## Developer Demos
-
-<table>
-  <tr>
-    <th>Demo Name</th>
-    <th>Author</th>
-    <th>install_demo.yml value</th>
-    <th>Description</th>
-    <th>Video Walkthrough</th>
-    <th>Workshop Types</th>
-  </tr>
-  <tr>
-    <td>DEVELOPER / Create Developer Report</td>
-    <td>Sean Cavanaugh</td>
-    <td><pre>demo: developer_report</pre></td>
-    <td>'Create HTML report using <a href="https://docs.ansible.com/ansible/latest/user_guide/playbooks_variables.html#variables-discovered-from-systems-facts">Ansible facts</a>'
-</td>
-    <td>Not available </td>
-    <td><ul><li>f5</li><li>rhel</li><li>rhel_90</li><li>demo</li></ul></td>
-  </tr>
-</table>
-
-
-# Contribute
-
-please refer to the [contribute.md](docs/contribute.md) documentation included in this collection.
-
-# Notes
-
-This README.md was auto-generated by Ansible user **colin** on **2020-12-09** with Ansible version **2.9.13.post0**
-
-To generate a README.md, execute the following command
-
-```
-ansible-playbook playbooks/generate_readme.yml
-```
+        - Type: Red Hat Ansible Automation Platform
+        - Name: Controller Credential
+     - Extra vars:
+  
+            demo: <linux or windows or cloud or network>
--- a/ansible.cfg
+++ b/ansible.cfg
@@ -0,0 +1,3 @@
+[defaults]
+collections_paths=./collections
+roles_path=./roles
--- a/choose_demo.yml
+++ b/choose_demo.yml
@@ -1,29 +0,0 @@
---
-## example file for how to choose a demo
-## chose specific demo or choose all
-
-# SPECIFIC - example that installs just the deploy_application job template
-demo: developer_report
-
-# ALL - example that installs all demos
-# demo: all
-
-## Ansible Tower login infomation
-my_tower_username: colin
-my_tower_password: mahalo
-my_tower_host: test.rhdemo.io
-workshop_type: rhel
-
-# leave as comments unless you are deploying an public cloud Demo. Possible values are aws or azure
-public_cloud: none
-#only uncomment these and supply values for setting up an Azure Cloud Demo which means public_cloud: azure above
-#these value below are fake sample values only
-#my_subscription: bb66f723-9eb9-405b-7889-2e722a5a5a45
-#my_tenant: bbe51e50-8759-5cc6-93f7-71985d8dbddf
-#my_client: 7e7d5fd3-c84b-b64c-ae96-cf474f4aa573
-#my_secret: K1S5~EqpmvG68i8ni9-b1hmn3~yROfHM_I 
-#only uncomment these and supply values for setting up an AWS Cloud Demo which means public_cloud: aws above
-#these value below are fake sample values only
-#my_access_key: kwjewk4h54jker
-#my_secret_key: wnwrl4nwwrh6srwo4rwher4
-
--- a/choose_demo_example_aws.yml
+++ b/choose_demo_example_aws.yml
@@ -1,33 +0,0 @@
---
-## example file for how to choose a demo
-## chose specific demo or choose all
-
-# SPECIFIC - example that installs just the deploy_application job template
-demo: aws_provision_vm
-
-# ALL - example that installs all demos
-# demo: all
-
-## Ansible Tower login infomation
-my_tower_username: student1  
-my_tower_password: TnSynS1Re31ZAF
-my_tower_host: student1.cb8b.open.redhat.com
-workshop_type: windows
-
-# leave as comments unless you are deploying an public cloud Demo 
-public_cloud: aws
-#only uncomment these and supply values for setting up an Azure Cloud Demo which means public_cloud: azure above
-#these value below are fake sample values only
-#my_subscription: bb66f723-9eb9-405b-7889-2e722a5a5a45
-#my_tenant: bbe51e50-8759-5cc6-93f7-71985d8dbddf
-#my_client: 7e7d5fd3-c84b-b64c-ae96-cf474f4aa573
-#my_secret: K1S5~EqpmvG68i8ni9-b1hmn3~yROfHM_I 
-#only uncomment these and supply values for setting up an AWS Cloud Demo which means public_cloud: aws above
-#these value below are fake sample values only
-my_access_key: 345IAJUNULTMIXFDSDFGF
-my_secret_key: 567BqE+YAH7DFG4RGSSDFG5SGDFGSDGF4
-
-
-
- 
-
--- a/choose_demo_example_azure.yml
+++ b/choose_demo_example_azure.yml
@@ -1,32 +0,0 @@
---
-## example file for how to choose a demo
-## chose specific demo or choose all
-
-# SPECIFIC - example that installs just the deploy_application job template
-demo: azure_provision_vm
-
-# ALL - example that installs all demos
-# demo: all
-
-## Ansible Tower login infomation
-my_tower_username: drojas  
-my_tower_password: zapata
-my_tower_host: test.rhdemo.io
-workshop_type: windows
-
-# leave as comments unless you are deploying an public cloud Demo. Possible values are aws or azure
-public_cloud: azure
-#only uncomment these and supply values for setting up an Azure Cloud Demo which means public_cloud: azure above
-#these value below are fake sample values only
-my_subscription: bb66f723-9eb9-405b-7889-2e722a5a5a45
-my_tenant: bbe51e50-8759-5cc6-93f7-71985d8dbddf
-my_client: 7e7d5fd3-c84b-b64c-ae96-cf474f4aa573
-my_secret: K1S5~EqpmvG68i8ni9-b1hmn3~yROfHM_I 
-#only uncomment these and supply values for setting up an AWS Cloud Demo which means public_cloud: aws above
-#these value below are fake sample values only
-#my_access_key: kwjewk4h54jker
-#my_secret_key: wnwrl4nwwrh6srwo4rwher4 
-
-
- 
-
--- a/cloud/README.md
+++ b/cloud/README.md
@@ -0,0 +1,64 @@
+# Cloud Demos
+
+## Table of Contents
+- [Cloud Demos](#cloud-demos)
+  - [Table of Contents](#table-of-contents)
+  - [About These Demos](#about-these-demos)
+    - [Jobs](#jobs)
+    - [Inventory](#inventory)
+  - [Post Setup Setup](#post-setup-setup)
+    - [Configure Credentials](#configure-credentials)
+    - [Add Workshop Credential Password](#add-workshop-credential-password)
+    - [Remove Inventory Variables](#remove-inventory-variables)
+    - [Getting your Puiblic Key for Create Infra Job](#getting-your-puiblic-key-for-create-infra-job)
+  - [Suggested Usage](#suggested-usage)
+  - [Known Issues](#known-issues)
+
+## About These Demos
+This category of demos shows examples of multi-cloud provisioning and management with Ansible Automation Platform. The list of demos can be found below. These demos are particularly helpful in building additional infrastructure for other demo categories such as Linux and Windows. See the [Suggested Usage](#suggested-usage) section of this document for recommendations on how to best use these demos.
+
+### Jobs
+
+- [**Cloud / Create Infra**](create_infra.yml) - Creates a VPC with required routing and firewall rules for provisioning VMs
+- [**Cloud / Create VM**](create_vm.yml) - Create a VM based on a [blueprint](blueprints/) in the selected cloud provider
+- [**Cloud / Destroy VM**](destroy_vm.yml) - Destroy a VM that has been created in a cloud provider. VM must be imported into dynamic inventory to be deleted.
+
+### Inventory
+
+A dynamic inventory is created to pull inventory hosts from cloud providers. The VM will be added by name therefore provisioning VMs with the same name will cause conflict in the inventory.
+
+Groups will be created based on the operating system (platform) of the VM provisioned as well as a group called `cloud_<cloud provider>`.
+
+## Post Setup Setup
+After running the setup job template, there are a few steps required to make the demos fully functional. See post setup actions below.
+
+   > These steps may differ if you in your environment
+
+### Configure Credentials
+
+- Add AWS Access and Secret key to the `AWS` Credential created by the setup job.
+
+### Add Workshop Credential Password
+
+1) Add a password that meets the [default complexity requirements](https://learn.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/password-must-meet-complexity-requirements#reference). This allows you to connect to Windows Servers provisioned with Create VM job. Required until [RFE](https://github.com/ansible/workshops/issues/1597]) is complete
+
+### Remove Inventory Variables
+
+1) Remove Workshop Inventory variables on the Details page of the inventory. Required until [RFE](https://github.com/ansible/workshops/issues/1597]) is complete
+
+### Getting your Puiblic Key for Create Infra Job
+
+1) Connect to the command line of your Controller server. This is easiest to do by opening the VS Code Web Editor from the landing page where you found the Controller login details.
+2) Open a Terminal Window in the VS Code Web Editor.
+3) SSH to one of your linux nodes (eg. `ssh node1`). This should log you into the node as `ec2-user`
+4) `cat .ssh/authorized_keys` and copy the key listed including the  `ssh-rsa` prefix
+
+
+## Suggested Usage
+
+**Cloud / Create Infra** -The Create Infra job builds cloud infrastructure based on the provider definition in the included `demo.cloud` collection.
+
+**Cloud / Create VM** - The Create VM job builds a VM in the given provider based on the included `demo.cloud` collection. VM [blueprints](blueprints/) define variables for each provider that override the defaults in the collection. When creating VMs it is recommended to follow naming conventions that can be used as host patterns. (eg. VM names: `win1`, `win2`, `win3`.  Host Pattern: `win*` )
+
+## Known Issues
+Azure does not work without a custom execution environment that includes the Azure dependencies.
--- a/cloud/aws_key.yml
+++ b/cloud/aws_key.yml
@@ -0,0 +1,25 @@
+---
+- name: Create AWS keypair
+  hosts: localhost
+  vars:
+    aws_key_name: aws-test-key
+    aws_keypair_owner: undef
+
+  tasks:
+    - name: Fail if variables not defined
+      ansible.builtin.assert:
+        that:
+          - aws_key_name is defined
+          - create_vm_aws_region is defined
+          - aws_public_key is defined
+          - aws_keypair_owner is defined
+        fail_msg: "Required variables not set"
+
+    - name: Create AWS keypair
+      amazon.aws.ec2_key:
+        name: "{{ aws_key_name }}"
+        region: "{{ create_vm_aws_region }}"
+        key_material: "{{ aws_public_key }}"
+        state: present
+        tags:
+          owner: "{{ aws_keypair_owner }}"
--- a/cloud/blueprints/al2023.yml
+++ b/cloud/blueprints/al2023.yml
@@ -0,0 +1,6 @@
+---
+vm_providers:
+  - aws
+aws_instance_size: t3.micro
+aws_image_architecture: x86_64
+aws_image_filter: 'al2023-ami-2023*'
--- a/cloud/blueprints/rhel7.yml
+++ b/cloud/blueprints/rhel7.yml
@@ -0,0 +1,7 @@
+---
+vm_providers:
+  - aws
+aws_image_owners: 309956199498
+aws_instance_size: t2.medium
+aws_image_architecture: x86_64
+aws_image_filter: 'RHEL-7.9_HVM*'
--- a/cloud/blueprints/rhel8.yml
+++ b/cloud/blueprints/rhel8.yml
@@ -0,0 +1,7 @@
+---
+vm_providers:
+  - aws
+aws_image_owners: 309956199498
+aws_instance_size: t3.micro
+aws_image_architecture: x86_64
+aws_image_filter: 'RHEL-8*HVM-*Hourly*'
--- a/cloud/blueprints/rhel9.yml
+++ b/cloud/blueprints/rhel9.yml
@@ -0,0 +1,7 @@
+---
+vm_providers:
+  - aws
+aws_image_owners: 309956199498
+aws_instance_size: t3.micro
+aws_image_architecture: x86_64
+aws_image_filter: 'RHEL-9*HVM-*Hourly*'
--- a/cloud/blueprints/windows.yml
+++ b/cloud/blueprints/windows.yml
@@ -0,0 +1,14 @@
+---
+vm_blueprint_providers:
+  - aws
+  - azure
+aws_image_filter: 'Windows_Server-2019-English-Core-Base*'
+aws_instance_size: t3.medium
+aws_userdata_template: aws_windows_userdata
+az_vm_os_type: Windows
+az_vm_size: Standard_DS1_v2
+az_vm_image:
+  offer: WindowsServer
+  publisher: MicrosoftWindowsServer
+  sku: 2022-Datacenter
+  version: latest
--- a/cloud/blueprints/windows_core.yml
+++ b/cloud/blueprints/windows_core.yml
@@ -0,0 +1,6 @@
+---
+vm_blueprint_providers:
+ - aws
+aws_image_filter: 'Windows_Server-2019-English-Core-Base*'
+aws_instance_size: t3.medium
+aws_userdata_template: aws_windows_userdata
--- a/cloud/blueprints/windows_full.yml
+++ b/cloud/blueprints/windows_full.yml
@@ -0,0 +1,6 @@
+---
+vm_blueprint_providers:
+ - aws
+aws_image_filter: 'Windows_Server-2019-English-Full-Base*'
+aws_instance_size: t3.medium
+aws_userdata_template: aws_windows_userdata
--- a/cloud/create_vpc.yml
+++ b/cloud/create_vpc.yml
@@ -0,0 +1,124 @@
+---
+- name: Create Cloud Infra
+  hosts: localhost
+  gather_facts: false
+  vars:
+    aws_vpc_name: aws-test-vpc
+    aws_owner_tag: default
+    aws_purpose_tag: ansible_demo
+    aws_tenancy: default
+    aws_vpc_cidr_block: 10.0.0.0/16
+    aws_subnet_cidr: 10.0.1.0/24
+    aws_sg_name: aws-test-sg
+    aws_subnet_name: aws-test-subnet
+    aws_rt_name: aws-test-rt
+
+  tasks:
+    - name: Create VPC
+      amazon.aws.ec2_vpc_net:
+        state: present
+        name: "{{ aws_vpc_name }}"
+        cidr_block: "{{ aws_vpc_cidr_block }}"
+        tenancy: "{{ aws_tenancy }}"
+        region: "{{ create_vm_aws_region }}"
+        tags:
+          owner: "{{ aws_owner_tag }}"
+          purpose: "{{ aws_purpose_tag }}"
+      register: aws_vpc
+
+    - name: Create internet gateway
+      amazon.aws.ec2_vpc_igw:
+        state: present
+        vpc_id: "{{ aws_vpc.vpc.id }}"
+        region: "{{ create_vm_aws_region }}"
+        tags:
+          Name: "{{ aws_vpc_name }}"
+          owner: "{{ aws_owner_tag }}"
+          purpose: "{{ aws_purpose_tag }}"
+      register: aws_gateway
+
+    - name: Create security group internal
+      amazon.aws.ec2_security_group:
+        state: present
+        name: "{{ aws_sg_name }}"
+        region: "{{ create_vm_aws_region }}"
+        description: Inbound WinRM and RDP, http for demo servers and internal AD ports
+        rules:
+          - proto: tcp
+            ports:
+              - 80 # HTTP
+              - 443 # HTTPS
+              - 22 # SSH
+              - 5986 # WinRM
+              - 3389 # RDP
+              - 9090 # Cockpit
+            cidr_ip: 0.0.0.0/0
+          - proto: icmp
+            to_port: -1
+            from_port: -1
+            cidr_ip: 0.0.0.0/0
+          - proto: tcp
+            ports:
+              - 80 # HTTP
+              - 5986 # WinRM
+              - 3389 # RDP
+              - 53 # DNS
+              - 88 # Kerberos Authentication
+              - 135 # RPC
+              - 139 # Netlogon
+              - 389 # LDAP
+              - 445 # SMB
+              - 464 # Kerberos Authentication
+              - 5432 # PostgreSQL
+              - 636 # LDAPS (LDAP over TLS)
+              - 873 # Rsync
+              - 3268-3269 # Global Catalog
+              - 1024-65535 # Ephemeral RPC ports
+            cidr_ip: "{{ aws_vpc_cidr_block }}"
+          - proto: udp
+            ports:
+              - 53 # DNS
+              - 88 # Kerberos Authentication
+              - 123 # NTP
+              - 137-138 # Netlogon
+              - 389 # LDAP
+              - 445 # SMB
+              - 464 # Kerberos Authentication
+              - 1024-65535 # Ephemeral RPC ports
+            cidr_ip: "{{ aws_vpc_cidr_block }}"
+        rules_egress:
+          - proto: -1
+            cidr_ip: 0.0.0.0/0
+        vpc_id: "{{ aws_vpc.vpc.id }}"
+        tags:
+          Name: "{{ aws_sg_name }}"
+          owner: "{{ aws_owner_tag }}"
+          purpose: "{{ aws_purpose_tag }}"
+
+    - name: Create a subnet on the VPC
+      amazon.aws.ec2_vpc_subnet:
+        state: present
+        vpc_id: "{{ aws_vpc.vpc.id }}"
+        cidr: "{{ aws_subnet_cidr }}"
+        region: "{{ create_vm_aws_region }}"
+        map_public: true
+        tags:
+          Name: "{{ aws_subnet_name }}"
+          owner: "{{ aws_owner_tag }}"
+          purpose: "{{ aws_purpose_tag }}"
+      register: aws_subnet
+
+    - name: Create a subnet route table
+      amazon.aws.ec2_vpc_route_table:
+        state: present
+        vpc_id: "{{ aws_vpc.vpc.id }}"
+        region: "{{ create_vm_aws_region }}"
+        subnets:
+          - "{{ aws_subnet.subnet.id }}"
+        routes:
+          - dest: 0.0.0.0/0
+            gateway_id: "{{ aws_gateway.gateway_id }}"
+        tags:
+          Name: "{{ aws_rt_name }}"
+          owner: "{{ aws_owner_tag }}"
+          purpose: "{{ aws_purpose_tag }}"
--- a/cloud/setup.yml
+++ b/cloud/setup.yml
@@ -0,0 +1,477 @@
+---
+user_message:
+
+controller_components:
+  - execution_environments
+  - projects
+  - credentials
+  - inventory_sources
+  - groups
+  - job_templates
+  - workflow_job_templates
+
+controller_execution_environments:
+  - name: Cloud Services Execution Environment
+    image: quay.io/scottharwell/cloud-ee:latest
+
+controller_projects:
+  - name: Ansible Cloud Content Lab - AWS
+    organization: Default
+    scm_type: git
+    wait: true
+    scm_url: https://github.com/ansible-content-lab/aws.infrastructure_config_demos.git
+    default_environment: Cloud Services Execution Environment
+
+controller_credentials:
+  - name: AWS
+    credential_type: Amazon Web Services
+    organization: Default
+    update_secrets: false
+    inputs:
+      username: REPLACEME
+      password: REPLACEME
+
+  # - name: Azure
+  #   credential_type: Microsoft Azure Resource Manager
+  #   organization: Default
+  #   update_secrets: false
+  #   inputs:
+  #     subscription: REPLACEME
+
+controller_inventory_sources:
+  - name: AWS Inventory
+    organization: Default
+    source: ec2
+    inventory: Demo Inventory
+    credential: AWS
+    overwrite: true
+    source_vars:
+      hostnames:
+        - tag:Name
+      compose:
+        ansible_host: public_ip_address
+        ansible_user: 'ec2-user'
+      groups:
+        cloud_aws: true
+        os_linux: tags.blueprint.startswith('rhel')
+      keyed_groups:
+        - key: platform
+          prefix: os
+        - key: tags.blueprint
+          prefix: blueprint
+        - key: tags.owner
+          prefix: owner
+
+  # - name: Azure Inventory
+  #   organization: Default
+  #   source: azure_rm
+  #  inventory: Demo Inventory
+  #   credential: Azure
+  #   execution_environment: Ansible Engine 2.9 execution environment
+  #   overwrite: true
+  #   source_vars:
+  #     hostnames:
+  #       - tags.Name
+  #       - default
+  #     keyed_groups:
+  #       - key: os_profile.system
+  #         prefix: os
+  #     conditional_groups:
+  #       cloud_azure: true
+
+controller_groups:
+  - name: cloud_aws
+    inventory: Demo Inventory
+    variables:
+      ansible_user: ec2-user
+
+controller_templates:
+  - name: Cloud / AWS / Create Peer Infrastructure
+    job_type: run
+    organization: Default
+    credentials:
+      - AWS
+    project: Ansible Cloud Content Lab - AWS
+    playbook: playbook_create_peer_network.yml
+    inventory: Demo Inventory
+    notification_templates_started: Telemetry
+    notification_templates_success: Telemetry
+    notification_templates_error: Telemetry
+    extra_vars:
+      aws_region: us-east-1
+      dmz_ssh_key_name: aws-test-key
+      priv_network_ssh_key_name: aws-test-key
+
+  - name: Cloud / AWS / Delete Peer Infrastructure
+    job_type: run
+    organization: Default
+    credentials:
+      - AWS
+    project: Ansible Cloud Content Lab - AWS
+    playbook: playbook_delete_peer_network.yml
+    inventory: Demo Inventory
+    notification_templates_started: Telemetry
+    notification_templates_success: Telemetry
+    notification_templates_error: Telemetry
+    extra_vars:
+      aws_region: us-east-1
+
+  - name: Cloud / AWS / Create Transit Infrastructure
+    job_type: run
+    organization: Default
+    credentials:
+      - AWS
+    project: Ansible Cloud Content Lab - AWS
+    playbook: playbook_create_transit_network.yml
+    inventory: Demo Inventory
+    notification_templates_started: Telemetry
+    notification_templates_success: Telemetry
+    notification_templates_error: Telemetry
+    extra_vars:
+      aws_region: us-east-1
+      dmz_ssh_key_name: aws-test-key
+      priv_network_ssh_key_name: aws-test-key
+
+  - name: Cloud / AWS / Delete Transit Infrastructure
+    job_type: run
+    organization: Default
+    credentials:
+      - AWS
+    project: Ansible Cloud Content Lab - AWS
+    playbook: playbook_delete_transit_network.yml
+    inventory: Demo Inventory
+    notification_templates_started: Telemetry
+    notification_templates_success: Telemetry
+    notification_templates_error: Telemetry
+    extra_vars:
+      aws_region: us-east-1
+
+  - name: Cloud / AWS / Create VPC
+    job_type: run
+    organization: Default
+    credentials:
+      - AWS
+    project: Ansible official demo project
+    playbook: cloud/create_vpc.yml
+    inventory: Demo Inventory
+    notification_templates_started: Telemetry
+    notification_templates_success: Telemetry
+    notification_templates_error: Telemetry
+    survey_enabled: true
+    survey:
+      name: ''
+      description: ''
+      spec:
+        - question_name: AWS Region
+          type: multiplechoice
+          variable: create_vm_aws_region
+          required: true
+          choices:
+            - us-east-1
+            - us-east-2
+            - us-west-1
+            - us-west-2
+        - question_name: Owner
+          type: text
+          variable: aws_owner_tag
+          required: true
+
+  - name: Cloud / AWS / Create VM
+    job_type: run
+    organization: Default
+    credentials:
+      - AWS
+      - Demo Credential
+    project: Ansible Cloud Content Lab - AWS
+    playbook: playbook_create_vm.yml
+    inventory: Demo Inventory
+    notification_templates_started: Telemetry
+    notification_templates_success: Telemetry
+    notification_templates_error: Telemetry
+    survey_enabled: true
+    allow_simultaneous: true
+    survey:
+      name: ''
+      description: ''
+      spec:
+        - question_name: AWS Region
+          type: multiplechoice
+          variable: create_vm_aws_region
+          required: true
+          choices:
+            - us-east-1
+            - us-east-2
+            - us-west-1
+            - us-west-2
+        - question_name: Name
+          type: text
+          variable: create_vm_vm_name
+          required: true
+        - question_name: Owner
+          type: text
+          variable: create_vm_vm_owner
+          required: true
+        - question_name: Deployment
+          type: text
+          variable: create_vm_vm_deployment
+          required: true
+        - question_name: Environment
+          type: multiplechoice
+          variable: create_vm_vm_environment
+          required: true
+          choices:
+            - Dev
+            - QA
+            - Prod
+        - question_name: Blueprint
+          type: multiplechoice
+          variable: vm_blueprint
+          required: true
+          choices:
+            - windows_core
+            - windows_full
+            - rhel9
+            - rhel8
+            - rhel7
+            - al2023
+        - question_name: Subnet
+          type: text
+          variable: create_vm_aws_vpc_subnet_name
+          required: true
+          default: aws-test-subnet
+        - question_name: Security Group
+          type: text
+          variable: create_vm_aws_securitygroup_name
+          required: true
+          default: aws-test-sg
+        - question_name: SSH Keypair
+          type: text
+          variable: create_vm_aws_keypair_name
+          required: true
+          default: aws-test-key
+
+  - name: Cloud / AWS / Delete VM
+    job_type: run
+    organization: Default
+    credentials:
+      - AWS
+      - Demo Credential
+    project: Ansible Cloud Content Lab - AWS
+    playbook: playbook_delete_inventory_vm.yml
+    inventory: Demo Inventory
+    notification_templates_started: Telemetry
+    notification_templates_success: Telemetry
+    notification_templates_error: Telemetry
+    survey_enabled: true
+    survey:
+      name: ''
+      description: ''
+      spec:
+        - question_name: Name or Pattern
+          type: text
+          variable: _hosts
+          required: true
+
+  - name: Cloud / AWS / VPC Report
+    job_type: run
+    organization: Default
+    credentials:
+      - AWS
+    project: Ansible Cloud Content Lab - AWS
+    playbook: playbook_create_reports.yml
+    inventory: Demo Inventory
+    notification_templates_started: Telemetry
+    notification_templates_success: Telemetry
+    notification_templates_error: Telemetry
+    extra_vars:
+      aws_report: vpc
+    survey_enabled: true
+    survey:
+      name: ''
+      description: ''
+      spec:
+        - question_name: AWS Region
+          type: multiplechoice
+          variable: create_vm_aws_region
+          required: true
+          choices:
+            - us-east-1
+            - us-east-2
+            - us-west-1
+            - us-west-2
+
+  - name: Cloud / AWS / Tags Report
+    job_type: run
+    organization: Default
+    credentials:
+      - AWS
+    project: Ansible Cloud Content Lab - AWS
+    playbook: playbook_create_reports.yml
+    inventory: Demo Inventory
+    notification_templates_started: Telemetry
+    notification_templates_success: Telemetry
+    notification_templates_error: Telemetry
+    extra_vars:
+      aws_report: tags
+    survey_enabled: true
+    survey:
+      name: ''
+      description: ''
+      spec:
+        - question_name: AWS Region
+          type: multiplechoice
+          variable: create_vm_aws_region
+          required: true
+          choices:
+            - us-east-1
+            - us-east-2
+            - us-west-1
+            - us-west-2
+
+  - name: Cloud / AWS / Create Keypair
+    job_type: run
+    organization: Default
+    credentials:
+      - AWS
+    project: Ansible official demo project
+    playbook: cloud/aws_key.yml
+    inventory: Demo Inventory
+    notification_templates_started: Telemetry
+    notification_templates_success: Telemetry
+    notification_templates_error: Telemetry
+    survey_enabled: true
+    survey:
+      name: ''
+      description: ''
+      spec:
+        - question_name: AWS Region
+          type: multiplechoice
+          variable: create_vm_aws_region
+          required: true
+          choices:
+            - us-east-1
+            - us-east-2
+            - us-west-1
+            - us-west-2
+        - question_name: Keypair Name
+          type: text
+          variable: aws_key_name
+          required: true
+          default: aws-test-key
+        - question_name: Keypair Public Key
+          type: textarea
+          variable: aws_public_key
+          required: true
+        - question_name: Owner
+          type: text
+          variable: aws_keypair_owner
+          required: true
+
+controller_workflows:
+  - name: Deploy Cloud Stack in AWS
+    description: A workflow to deploy a cloud stack
+    organization: Default
+    notification_templates_started: Telemetry
+    notification_templates_success: Telemetry
+    notification_templates_error: Telemetry
+    extra_vars:
+      vm_deployment: cloud_stack
+    survey_enabled: true
+    survey:
+      name: ''
+      description: ''
+      spec:
+        - question_name: AWS Region
+          type: multiplechoice
+          variable: create_vm_aws_region
+          required: true
+          choices:
+            - us-east-1
+            - us-east-2
+            - us-west-1
+            - us-west-2
+        - question_name: Owner
+          type: text
+          variable: create_vm_aws_owner_tag
+          required: true
+        - question_name: Environment
+          type: multiplechoice
+          variable: vm_environment
+          required: true
+          choices:
+            - Dev
+            - QA
+            - Prod
+        - question_name: Keypair Public Key
+          type: textarea
+          variable: aws_public_key
+          required: true
+        - question_name: Email
+          type: text
+          variable: email
+          required: true
+    simplified_workflow_nodes:
+      - identifier: Create Keypair
+        unified_job_template: Cloud / AWS / Create Keypair
+        success_nodes:
+          - VPC Report
+        failure_nodes:
+          - Ticket - Keypair Failed
+      - identifier: Create VPC
+        unified_job_template: Cloud / AWS / Create VPC
+        success_nodes:
+          - VPC Report
+        failure_nodes:
+          - Ticket - VPC Failed
+      - identifier: Ticket - Keypair Failed
+        unified_job_template: 'SUBMIT FEEDBACK'
+        extra_data:
+          feedback: Failed to create AWS keypair
+      - identifier: VPC Report
+        unified_job_template: Cloud / AWS / VPC Report
+        all_parents_must_converge: true
+        success_nodes:
+          - Deploy Windows Blueprint
+          - Deploy RHEL8 Blueprint
+          - Deploy RHEL9 Blueprint
+      - identifier: Deploy Windows Blueprint
+        unified_job_template: Cloud / AWS / Create VM
+        extra_data:
+          create_vm_vm_name: aws_win
+          vm_blueprint: windows_full
+        success_nodes:
+          - Update Inventory
+        failure_nodes:
+          - Ticket - Instance Failed
+      - identifier: Deploy RHEL8 Blueprint
+        unified_job_template: Cloud / AWS / Create VM
+        extra_data:
+          create_vm_vm_name: aws_rhel8
+          vm_blueprint: rhel8
+        success_nodes:
+          - Update Inventory
+        failure_nodes:
+          - Ticket - Instance Failed
+      - identifier: Deploy RHEL9 Blueprint
+        unified_job_template: Cloud / AWS / Create VM
+        extra_data:
+          create_vm_vm_name: aws_rhel9
+          vm_blueprint: rhel9
+        success_nodes:
+          - Update Inventory
+        failure_nodes:
+          - Ticket - Instance Failed
+      - identifier: Ticket - VPC Failed
+        unified_job_template: 'SUBMIT FEEDBACK'
+        extra_data:
+          feedback: Failed to create AWS VPC
+      - identifier: Update Inventory
+        unified_job_template: AWS Inventory
+        success_nodes:
+          - Tag Report
+      - identifier: Ticket - Instance Failed
+        unified_job_template: 'SUBMIT FEEDBACK'
+        extra_data:
+          feedback: Failed to create AWS instance
+      - identifier: Tag Report
+        unified_job_template: Cloud / AWS / Tags Report
--- a/collections/ansible_collections/demo/cloud/README.md
+++ b/collections/ansible_collections/demo/cloud/README.md
--- a/collections/ansible_collections/demo/cloud/roles/aws/defaults/main.yml
+++ b/collections/ansible_collections/demo/cloud/roles/aws/defaults/main.yml
@@ -0,0 +1,23 @@
+---
+#######
+# AWS VARS
+#######
+aws_vpc_name: ansible
+aws_vpc_prefix: demo
+aws_vpc_cidr_block: 10.0.0.0/16
+aws_subnet_cidr: 10.0.1.0/24
+aws_region: us-east-1
+aws_vm_name: "{{ vm_name }}"
+aws_vm_owner: "{{ vm_owner }}"
+aws_blueprint: "{{ vm_blueprint }}"
+# aws_image_filter: "{{ omit }}"
+# aws_instance_size: "{{ omit }}"
+# aws_image_architecture: "{{ omit }}"
+# aws_image_owners: "{{ omit }} "
+aws_userdata_template: default
+aws_keypair_name: "{{ aws_vpc_name }}-{{ aws_vpc_prefix }}-demo-key"
+aws_securitygroup_name: "{{ aws_vpc_name }}-{{ aws_vpc_prefix }}-sec-group"
+aws_env_tag: prod
+aws_purpose_tag: ansible_demo
+aws_ansiblegroup_tag: cloud
+aws_ec2_wait: true
--- a/collections/ansible_collections/demo/cloud/roles/aws/tasks/create_infra.yml
+++ b/collections/ansible_collections/demo/cloud/roles/aws/tasks/create_infra.yml
@@ -0,0 +1,118 @@
+---
+- name: AWS | CREATE INFRA | vpc
+  amazon.aws.ec2_vpc_net:
+    state: present
+    name: "{{ aws_vpc_name }}-{{ aws_vpc_prefix }}-vpc"
+    cidr_block: "{{ aws_vpc_cidr_block }}"
+    tenancy: default
+    region: "{{ aws_region }}"
+    tags:
+      owner: "{{ aws_vpc_name }}"
+      purpose: "{{ aws_purpose_tag }}"
+  register: aws_vpc
+
+- name: AWS | CREATE INFRA | internet gateway
+  amazon.aws.ec2_vpc_igw:
+    state: present
+    vpc_id: "{{ aws_vpc.vpc.id }}"
+    region: "{{ aws_region }}"
+    tags:
+      Name: "{{ aws_vpc_name }}-{{ aws_vpc_prefix }}-vpc-igw"
+      owner: "{{ aws_vpc_name }}"
+      purpose: "{{ aws_purpose_tag }}"
+  register: aws_gateway
+
+- name: Create security group internal
+  amazon.aws.ec2_security_group:
+    state: present
+    name: "{{ aws_vpc_name }}-{{ aws_vpc_prefix }}-sec-group"
+    region: "{{ aws_region }}"
+    description: Inbound WinRM and RDP, http for demo servers and internal AD ports
+    rules:
+      - proto: tcp
+        ports:
+          - 80 # HTTP
+          - 443 # HTTPS
+          - 22 # SSH
+          - 5986 # WinRM
+          - 3389 # RDP
+        cidr_ip: 0.0.0.0/0
+      - proto: icmp
+        to_port: -1
+        from_port: -1
+        cidr_ip: 0.0.0.0/0
+      - proto: tcp
+        ports:
+          - 80 # HTTP
+          - 5986 # WinRM
+          - 3389 # RDP
+          - 53 # DNS
+          - 88 # Kerberos Authentication
+          - 135 # RPC
+          - 139 # Netlogon
+          - 389 # LDAP
+          - 445 # SMB
+          - 464 # Kerberos Authentication
+          - 5432 # PostgreSQL
+          - 636 # LDAPS (LDAP over TLS)
+          - 873 # Rsync
+          - 3268-3269 # Global Catalog
+          - 1024-65535 # Ephemeral RPC ports
+        cidr_ip: 10.0.0.0/16
+      - proto: udp
+        ports:
+          - 53 # DNS
+          - 88 # Kerberos Authentication
+          - 123 # NTP
+          - 137-138 # Netlogon
+          - 389 # LDAP
+          - 445 # SMB
+          - 464 # Kerberos Authentication
+          - 1024-65535 # Ephemeral RPC ports
+        cidr_ip: 10.0.0.0/16
+    rules_egress:
+      - proto: -1
+        cidr_ip: 0.0.0.0/0
+    vpc_id: "{{ aws_vpc.vpc.id }}"
+    tags:
+      Name: "{{ aws_vpc_name }}-{{ aws_vpc_prefix }}-sec-group"
+      owner: "{{ aws_vpc_name }}"
+      purpose: "{{ aws_purpose_tag }}"
+
+- name: Create a subnet on the VPC
+  amazon.aws.ec2_vpc_subnet:
+    state: present
+    vpc_id: "{{ aws_vpc.vpc.id }}"
+    cidr: "{{ aws_subnet_cidr }}"
+    region: "{{ aws_region }}"
+    map_public: true
+    tags:
+      Name: "{{ aws_vpc_name }}-{{ aws_vpc_prefix }}-subnet"
+      owner: "{{ aws_vpc_name }}"
+      purpose: "{{ aws_purpose_tag }}"
+  register: aws_subnet
+
+- name: Create a subnet route table
+  amazon.aws.ec2_vpc_route_table:
+    state: present
+    vpc_id: "{{ aws_vpc.vpc.id }}"
+    region: "{{ aws_region }}"
+    subnets:
+      - "{{ aws_subnet.subnet.id }}"
+    routes:
+      - dest: 0.0.0.0/0
+        gateway_id: "{{ aws_gateway.gateway_id }}"
+    tags:
+      Name: "{{ aws_vpc_name }}-{{ aws_vpc_prefix }}-vpc-rtbl"
+      owner: "{{ aws_vpc_name }}"
+      purpose: "{{ aws_purpose_tag }}"
+
+- name: Create AWS keypair
+  amazon.aws.ec2_key:
+    name: "{{ aws_vpc_name }}-{{ aws_vpc_prefix }}-demo-key"
+    region: "{{ aws_region }}"
+    key_material: "{{ aws_public_key }}"
+    state: present
+    tags:
+      owner: "{{ aws_vpc_name }}"
+      purpose: "{{ aws_purpose_tag }}"
--- a/collections/ansible_collections/demo/cloud/roles/aws/tasks/create_vm.yml
+++ b/collections/ansible_collections/demo/cloud/roles/aws/tasks/create_vm.yml
@@ -0,0 +1,47 @@
+---
+- name: AWS | CREATE VM | get subnet info
+  amazon.aws.ec2_vpc_subnet_info:
+    region: "{{ aws_region }}"
+    filters:
+      "tag:Name": "{{ aws_vpc_name }}-{{ aws_vpc_prefix }}-subnet"
+  register: aws_subnet
+
+- name: AWS | CREATE VM | save subnet id
+  ansible.builtin.set_fact:
+    aws_subnet_id: "{{ aws_subnet.subnets | map(attribute='id') | list | last }}"
+
+- name: AWS| CREATE VM | find ami
+  amazon.aws.ec2_ami_info:
+    region: "{{ aws_region }}"
+    owners: "{{ aws_image_owners | default(omit) }}"
+    filters:
+      name: "{{ aws_image_filter }}"
+      architecture: "{{ aws_image_architecture | default(omit) }}"
+  register: amis
+
+- name: AWS| CREATE VM | save ami
+  ansible.builtin.set_fact:
+    aws_instance_ami: >
+      {{ (amis.images | selectattr('name', 'defined') | sort(attribute='creation_date'))[-2] }}
+
+- name: AWS| CREATE VM | create instance
+  amazon.aws.ec2_instance:
+    network:
+      assign_public_ip: true
+    key_name: "{{ aws_keypair_name }}"
+    instance_type: "{{ aws_instance_size }}"
+    image_id: "{{ aws_instance_ami.image_id }}"
+    region: "{{ aws_region }}"
+    security_group: "{{ aws_securitygroup_name }}"
+    tags:
+      blueprint: "{{ aws_blueprint }}"
+      purpose: "{{ aws_purpose_tag }}"
+      env: "{{ aws_env_tag }}"
+      ansible_group: "{{ aws_ansiblegroup_tag }}"
+      owner: "{{ aws_vm_owner }}"
+      info: "This instance was built by Red Hat Product Demos"
+      Name: "{{ aws_vm_name }}"
+    wait: "{{ aws_ec2_wait }}"
+    vpc_subnet_id: "{{ aws_subnet_id }}"
+    user_data: "{{ lookup('template', aws_userdata_template + '.j2', template_vars=dict(aws_vm_name=vm_name)) }}"
+  register: aws_vm_output
--- a/collections/ansible_collections/demo/cloud/roles/aws/tasks/destroy_vm.yml
+++ b/collections/ansible_collections/demo/cloud/roles/aws/tasks/destroy_vm.yml
@@ -0,0 +1,7 @@
+---
+- name: Destroy VM
+  amazon.aws.ec2_instance:
+    state: absent
+    instance_ids: "{{ instance_id }}"
+    region: "{{ placement.region }}"
+  delegate_to: localhost
--- a/collections/ansible_collections/demo/cloud/roles/aws/templates/aws_windows_userdata.j2
+++ b/collections/ansible_collections/demo/cloud/roles/aws/templates/aws_windows_userdata.j2
@@ -0,0 +1,29 @@
+<powershell>
+# Disable .Net Optimization Service
+Get-ScheduledTask *ngen* | Disable-ScheduledTask
+
+# Disable Windows Auto Updates
+# https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/troubleshooting-windows-instances.html#high-cpu-issue
+reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v AUOptions /t REG_DWORD /d 1 /f
+net stop wuauserv
+net start wuauserv
+
+# Remove policies stopping us from enabling WinRM
+reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\WinRM\Service" /v AllowBasic /f
+reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\WinRM\Service" /v AllowUnencryptedTraffic /f
+reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\WinRM\Service" /v DisableRunAs /f
+
+# Disable Windows Defender Monitoring
+Set-MpPreference -DisableRealtimeMonitoring $true
+
+# Enable WinRM
+Invoke-WebRequest -Uri https://raw.githubusercontent.com/ansible/ansible/devel/examples/scripts/ConfigureRemotingForAnsible.ps1 -OutFile C:\ConfigureRemotingForAnsible.ps1
+C:\ConfigureRemotingForAnsible.ps1 -ForceNewSSLCert -EnableCredSSP
+
+# add ec2-user
+$Password = ConvertTo-SecureString {{ ansible_password }} -AsPlainText -Force
+New-LocalUser -Name "ec2-user" -Description "Ansible Service Account" -Password $Password
+Add-LocalGroupMember -Group "Administrators" -Member "ec2-user"
+
+Rename-Computer -NewName {{ aws_vm_name }} -Force -Restart
+</powershell>
--- a/collections/ansible_collections/demo/cloud/roles/aws/templates/default.j2
+++ b/collections/ansible_collections/demo/cloud/roles/aws/templates/default.j2
--- a/collections/ansible_collections/demo/compliance/roles/iosxeSTIG/callback_plugins/stig_xml.py
+++ b/collections/ansible_collections/demo/compliance/roles/iosxeSTIG/callback_plugins/stig_xml.py
@@ -0,0 +1,98 @@
+from __future__ import (absolute_import, division, print_function)
+__metaclass__ = type
+
+from ansible.plugins.callback import CallbackBase
+from time import gmtime, strftime
+import platform
+import tempfile
+import re
+import sys
+import os
+import json
+import xml.etree.ElementTree as ET
+import xml.dom.minidom
+
+role = "iosxeSTIG"
+
+class CallbackModule(CallbackBase):
+    CALLBACK_VERSION = 2.0
+    CALLBACK_TYPE = 'xml'
+    CALLBACK_NAME = 'stig_xml'
+
+    CALLBACK_NEEDS_WHITELIST = True
+
+    def __init__(self):
+        super(CallbackModule, self).__init__()
+        self.rules = {}
+        self.stig_path = os.environ.get('STIG_PATH')
+        self.XML_path = os.environ.get('XML_PATH')
+        if self.stig_path is None:
+            self.stig_path = os.path.join(os.getcwd(), "roles", role, "files")
+            self._display.display('Using STIG_PATH: {}'.format(self.stig_path))
+        if self.XML_path is None:
+            self.XML_path = os.getcwd()
+            self._display.display('Using XML_PATH: {}'.format(self.XML_path))
+
+        print("Writing: {}".format(self.XML_path))
+        STIG_name = os.path.basename(self.stig_path)
+        ET.register_namespace('cdf', 'http://checklists.nist.gov/xccdf/1.2')
+        self.tr = ET.Element('{http://checklists.nist.gov/xccdf/1.2}TestResult')
+        self.tr.set('id', 'xccdf_mil.disa.stig_testresult_scap_mil.disa_comp_{}'.format(STIG_name))
+        endtime = strftime("%Y-%m-%dT%H:%M:%S", gmtime())
+        self.tr.set('end-time', endtime)
+        tg = ET.SubElement(self.tr, '{http://checklists.nist.gov/xccdf/1.2}target')
+        tg.text = platform.node()
+
+    def __get_rev(self, nid):
+        rev = '0'
+        # Check all files for the rule number.
+        for file in os.listdir(self.stig_path):
+            with open(os.path.join(self.stig_path, file), 'r') as f:
+                r = 'SV-{}r(?P<rev>\d)_rule'.format(nid)
+                m = re.search(r, f.read())
+            if m:
+                rev = m.group('rev')
+                break
+        return rev
+
+    def v2_runner_on_ok(self, result):
+        name = result._task.get_name()
+        m = re.search('stigrule_(?P<id>\d+)', name)
+        if m:
+            nid = m.group('id')
+        else:
+            return
+        rev = self.__get_rev(nid)
+        key = "{}r{}".format(nid, rev)
+        if self.rules.get(key, 'Unknown') != False:
+            self.rules[key] = result.is_changed()
+
+    def __set_duplicates(self):
+        with open(os.path.join(self.stig_path, 'duplicates.json')) as f:
+            dups = json.load(f)
+        for d in dups:
+            dup_of = str(dups[d][0])
+            rev = self.__get_rev(d)
+            key = "{}r{}".format(d, rev)
+            dup_of_rev = self.__get_rev(dup_of)
+            dup_of_key = "{}r{}".format(dup_of, dup_of_rev)
+            if dup_of_key in self.rules:
+                self.rules[key] = self.rules[dup_of_key]
+
+    def v2_playbook_on_stats(self, stats):
+        self.__set_duplicates()
+        for rule, changed in self.rules.items():
+            state = 'fail' if changed else 'pass'
+            rr = ET.SubElement(self.tr, '{http://checklists.nist.gov/xccdf/1.2}rule-result')
+            rr.set('idref', 'xccdf_mil.disa.stig_rule_SV-{}_rule'.format(rule))
+            rs = ET.SubElement(rr, '{http://checklists.nist.gov/xccdf/1.2}result')
+            rs.text = state
+        passing = len(self.rules) - sum(self.rules.values())
+        sc = ET.SubElement(self.tr, '{http://checklists.nist.gov/xccdf/1.2}score')
+        sc.set('maximum', str(len(self.rules)))
+        sc.set('system', 'urn:xccdf:scoring:flat-unweighted')
+        sc.text = str(passing)
+        with open(os.path.join(self.XML_path, "xccdf-results.xml"), 'w') as f:
+            out = ET.tostring(self.tr)
+            pretty = xml.dom.minidom.parseString(out).toprettyxml(encoding='utf-8')
+            f.write(pretty)
--- a/collections/ansible_collections/demo/compliance/roles/iosxeSTIG/defaults/main.yml
+++ b/collections/ansible_collections/demo/compliance/roles/iosxeSTIG/defaults/main.yml
@@ -0,0 +1,280 @@
+# R-215807 CISC-ND-000010
+iosxeSTIG_stigrule_215807_Manage: True
+iosxeSTIG_stigrule_215807_ip_http_max_connections_2_Lines:
+  - ip http max-connections 2
+iosxeSTIG_stigrule_215807_session_limit_for_all_line_vty_sections_Lines:
+  - session-limit 2
+# R-215808 CISC-ND-000090
+# A partial of 215815
+# duplicate of 215815
+# R-215809 CISC-ND-000100
+# A partial of 215815
+# duplicate of 215815
+# R-215810 CISC-ND-000110
+# A partial of 215815
+# duplicate of 215815
+# R-215811 CISC-ND-000120
+# A partial of 215815
+# duplicate of 215815
+# R-215813 CISC-ND-000150
+iosxeSTIG_stigrule_215813_Manage: True
+iosxeSTIG_stigrule_215813_login_block_for_900_attempts_3_within_120_Lines:
+  - login block-for 900 attempts 3 within 120
+# R-215814 CISC-ND-000160
+iosxeSTIG_stigrule_215814_Manage: True
+iosxeSTIG_stigrule_215814_login_Text: 'You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only.
+
+By using this IS (which includes any device attached to this IS), you consent to the following conditions:
+
+-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and 
+
+counterintelligence (CI) investigations.
+
+-At any time, the USG may inspect and seize data stored on this IS.
+
+-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG authorized purpose.
+
+-This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.
+
+-Notwithstanding the above, using this IS does not constitute consent to PM, LE, or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, 
+
+psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.'
+# R-215815 CISC-ND-000210
+iosxeSTIG_stigrule_215815_Manage: True
+iosxeSTIG_stigrule_215815_login_logging_Lines:
+  - logging userinfo
+iosxeSTIG_stigrule_215815_logging_enable_Lines:
+  - logging enable
+iosxeSTIG_stigrule_215815_logging_enable_Parents:
+  - archive
+  - log config
+# R-215816 CISC-ND-000250
+iosxeSTIG_stigrule_215816_Manage: True
+iosxeSTIG_stigrule_215816_login_logging_Lines:
+  - login on-failure log
+  - login on-success log
+# R-215817 CISC-ND-000280
+iosxeSTIG_stigrule_215817_Manage: True
+iosxeSTIG_stigrule_215817_service_timestamps_log_datetime_localtime_Lines:
+  - service timestamps log datetime localtime
+# R-215819 CISC-ND-000330
+# A partial of 215815
+# duplicate of 215815
+# R-215820 CISC-ND-000380
+iosxeSTIG_stigrule_215820_Manage: True
+iosxeSTIG_stigrule_215820_file_privilege_Lines:
+  - file privilege 15
+# R-215821 CISC-ND-000390
+# A duplicate of 215820
+# duplicate of 215820
+# R-215822 CISC-ND-000460
+# A duplicate of 215820
+# duplicate of 215820
+# R-215823 CISC-ND-000470
+iosxeSTIG_stigrule_215823_Manage: True
+iosxeSTIG_stigrule_215823_disable_boot_network_Lines:
+  - no boot network
+iosxeSTIG_stigrule_215823_disable_boot_server_Lines:
+  - no ip boot server
+iosxeSTIG_stigrule_215823_disable_bootp_server_Lines:
+  - no ip bootp server
+iosxeSTIG_stigrule_215823_disable_dns_server_Lines:
+  - no ip dns server
+iosxeSTIG_stigrule_215823_disable_identd_Lines:
+  - no ip identd
+iosxeSTIG_stigrule_215823_disable_finger_Lines:
+  - no ip finger
+iosxeSTIG_stigrule_215823_disable_http_server_Lines:
+  - no ip http server
+iosxeSTIG_stigrule_215823_disable_rcmd_rcp_enable_Lines:
+  - no ip rcmd rcp-enable
+iosxeSTIG_stigrule_215823_disable_rcmd_rsh_enable_Lines:
+  - no ip rcmd rsh-enable
+iosxeSTIG_stigrule_215823_disable_tcp_small_servers_Lines:
+  - no service tcp-small-servers
+iosxeSTIG_stigrule_215823_disable_udp_small_servers_Lines:
+  - no service udp-small-servers
+iosxeSTIG_stigrule_215823_disable_service_finger_Lines:
+  - no service finger
+iosxeSTIG_stigrule_215823_disable_service_config_Lines:
+  - no service config
+iosxeSTIG_stigrule_215823_disable_service_pad_Lines:
+  - no service pad
+# R-215825 CISC-ND-000530
+# ip ssh server algorithm encryption is set in 215845.
+iosxeSTIG_stigrule_215825_Manage: True
+iosxeSTIG_stigrule_215825_ip_ssh_version_2_Lines:
+  - ip ssh version 2
+# R-215826 CISC-ND-000550
+iosxeSTIG_stigrule_215826_Manage: False
+iosxeSTIG_stigrule_215826_password_min_len_Lines:
+  - min-length 15
+iosxeSTIG_stigrule_215826_password_min_len_Parents:
+  - aaa common-criteria policy PASSWORD_POLICY
+# R-215827 CISC-ND-000570
+iosxeSTIG_stigrule_215827_Manage: False
+iosxeSTIG_stigrule_215827_password_upper_case_Lines:
+  - upper-case 1
+iosxeSTIG_stigrule_215827_password_upper_case_Parents:
+  - aaa common-criteria policy PASSWORD_POLICY
+# R-215828 CISC-ND-000580
+iosxeSTIG_stigrule_215828_Manage: False
+iosxeSTIG_stigrule_215828_password_lower_case_Lines:
+  - lower-case 1
+iosxeSTIG_stigrule_215828_password_lower_case_Parents:
+  - aaa common-criteria policy PASSWORD_POLICY
+# R-215829 CISC-ND-000590
+iosxeSTIG_stigrule_215829_Manage: False
+iosxeSTIG_stigrule_215829_password_numeric_count_Lines:
+  - numeric-count 1
+iosxeSTIG_stigrule_215829_password_numeric_count_Parents:
+  - aaa common-criteria policy PASSWORD_POLICY
+# R-215830 CISC-ND-000600
+iosxeSTIG_stigrule_215830_Manage: False
+iosxeSTIG_stigrule_215830_password_special_case_Lines:
+  - special-case 1
+iosxeSTIG_stigrule_215830_password_special_case_Parents:
+  - aaa common-criteria policy PASSWORD_POLICY
+# R-215831 CISC-ND-000610
+iosxeSTIG_stigrule_215831_Manage: False
+iosxeSTIG_stigrule_215831_password_upper_case_Lines:
+  - char-changes 8
+iosxeSTIG_stigrule_215831_password_upper_case_Parents:
+  - aaa common-criteria policy PASSWORD_POLICY
+# R-215832 CISC-ND-000620
+iosxeSTIG_stigrule_215832_Manage: True
+iosxeSTIG_stigrule_215832_service_password_encryption_Lines:
+  - service password-encryption
+# R-215833 CISC-ND-000720
+iosxeSTIG_stigrule_215833_Manage: True
+iosxeSTIG_stigrule_215833_exec_timeout_for_console_Lines:
+  - exec-timeout 10 0
+iosxeSTIG_stigrule_215833_exec_timeout_for_console_Parents:
+  - line con 0
+iosxeSTIG_stigrule_215833_exec_timeout_for_all_line_vty_sections_Lines:
+  - exec-timeout 10 0
+iosxeSTIG_stigrule_215833_ip_http_timeout_policy_idle_600_life_3600_requests_10_Lines:
+  - ip http timeout-policy idle 600 life 3600 requests 10
+# R-215834 CISC-ND-000880
+# A partial of 215815
+# duplicate of 215815
+# R-215835 CISC-ND-000940
+# A duplicate of 215815
+# duplicate of 215815
+# R-215836 CISC-ND-000980
+iosxeSTIG_stigrule_215836_Manage: True
+iosxeSTIG_stigrule_215836_logging_buffered_4096_informational_Lines:
+  - logging buffered 4096 informational
+# R-215837 CISC-ND-001000
+# Please configure name IP address to a valid one.
+iosxeSTIG_stigrule_215837_Manage: False
+iosxeSTIG_stigrule_215837_host_Name: '192.0.2.128'
+iosxeSTIG_stigrule_215837_logging_trap_critical_Lines:
+  - logging trap critical
+# R-215838 CISC-ND-001030
+# Replace ntp servers' IP address before enabling.
+iosxeSTIG_stigrule_215838_Manage: False
+iosxeSTIG_stigrule_215838_ntp_server_1_Server: '192.0.2.0'
+iosxeSTIG_stigrule_215838_ntp_server_2_Server: '192.0.2.1'
+# R-215839 CISC-ND-001040
+# A duplicate of 215817
+# duplicate of 215817
+# R-215840 CISC-ND-001050
+# service timestamps log datetime localtime is set in 215817.
+iosxeSTIG_stigrule_215840_Manage: True
+iosxeSTIG_stigrule_215840_service_timestamps_log_datetime_localtime_Lines:
+  - clock timezone EST -5 0
+# R-215844 CISC-ND-001200
+iosxeSTIG_stigrule_215844_Manage: True
+iosxeSTIG_stigrule_215844_ip_ssh_server_algorithm_mac_hmac_sha1_Lines:
+  - ip ssh server algorithm mac hmac-sha1
+iosxeSTIG_stigrule_215844_ip_http_secure_ciphersuite_aes_128_cbc_sha_Lines:
+  - ip http secure-ciphersuite aes-128-cbc-sha
+# R-215845 CISC-ND-001210
+# Option ip http secure-ciphersuite is set in 215844
+iosxeSTIG_stigrule_215845_Manage: True
+iosxeSTIG_stigrule_215845_ip_ssh_server_algorithm_encryption_aes128_cbc_aes128_ctr_aes192_cbc_aes192_ctr_Lines:
+  - ip ssh server algorithm encryption aes128-cbc aes128-ctr aes192-cbc aes192-ctr
+# R-215847 CISC-ND-001240
+# A duplicate of 215815
+# duplicate of 215815
+# R-215848 CISC-ND-001250
+# A partial of 215815
+# duplicate of 215815
+# R-215849 CISC-ND-001260
+# A subset of 215816
+# duplicate of 215816
+# R-215850 CISC-ND-001270
+# A partial of 215815
+# duplicate of 215815
+# R-215852 CISC-ND-001290
+# A subset of 215816
+# duplicate of 215816
+# R-215853 CISC-ND-001310
+# A duplicate of 215837
+# duplicate of 215837
+# R-215854 CISC-ND-001370
+# Configure the authentication server key before enabling.
+iosxeSTIG_stigrule_215854_Manage: False
+iosxeSTIG_stigrule_215854_radius_host_10_1_48_2_key_xxxxxx_Lines:
+  - radius host 10.1.48.2 key xxxxxx
+iosxeSTIG_stigrule_215854_aaa_authentication_login_LOGIN_AUTHENTICATION_group_radius_local_Lines:
+  - aaa authentication login LOGIN_AUTHENTICATION group radius local
+iosxeSTIG_stigrule_215854_ip_http_authentication_aaa_login_authentication_LOGIN_AUTHENTICATION_Lines:
+  - ip http authentication aaa login-authentication LOGIN_AUTHENTICATION
+iosxeSTIG_stigrule_215854_login_authentication_for_console_Lines:
+  - login authentication LOGIN_AUTHENTICATION
+iosxeSTIG_stigrule_215854_login_authentication_for_console_Parents:
+  - line con 0
+iosxeSTIG_stigrule_215854_login_authentication_for_all_line_vty_sections_Lines:
+  - login authentication LOGIN_AUTHENTICATION
+# R-215856 CISC-ND-001440
+# Insert an appropriate URL (including protocol and port)
+iosxeSTIG_stigrule_215856_Manage: False
+iosxeSTIG_stigrule_215856_enrollment_url_Lines:
+  - enrollment url http://trustpoint1.example.com:80
+iosxeSTIG_stigrule_215856_enrollment_url_Parents:
+  - crypto pki trustpoint CA_X
+# R-216647 CISC-RT-000070
+# A duplicate of 215823
+# duplicate of 215823
+# R-216661 CISC-RT-000230
+iosxeSTIG_stigrule_216661_Manage: False
+iosxeSTIG_stigrule_216661_Disable_the_auxiliary_port_Lines:
+  - no exec
+  - transport input none
+iosxeSTIG_stigrule_216661_Disable_the_auxiliary_port_Parents:
+  - line aux 0
+# R-216675 CISC-RT-000370
+iosxeSTIG_stigrule_216675_Manage: True
+iosxeSTIG_stigrule_216675_no_cdp_run_Lines:
+  - no cdp run
+# R-216700 CISC-RT-000620
+iosxeSTIG_stigrule_216700_Manage: True
+iosxeSTIG_stigrule_216700_no_mpls_ip_propagate_ttl_Lines:
+  - no mpls ip propagate-ttl
+# R-216723 CISC-RT-000850
+iosxeSTIG_stigrule_216723_Manage: False
+iosxeSTIG_stigrule_216723_ip_pim_register_rate_limit_10_Lines:
+  - ip pim register-rate-limit 10
+# R-216726 CISC-RT-000880
+iosxeSTIG_stigrule_216726_Manage: True
+iosxeSTIG_stigrule_216726_ip_igmp_limit_Lines:
+  - ip igmp limit 2
+# R-216727 CISC-RT-000890
+iosxeSTIG_stigrule_216727_Manage: True
+iosxeSTIG_stigrule_216727_ip_pim_spt_threshold_infinity_Lines:
+  - ip pim spt-threshold infinity
+# R-216996 CISC-RT-000080
+iosxeSTIG_stigrule_216996_Manage: True
+iosxeSTIG_stigrule_216996_no_call_home_Lines:
+  - no call-home
+# R-217001 CISC-RT-000750
+# Options drop or ignore are allowed.
+iosxeSTIG_stigrule_217001_Manage: True
+iosxeSTIG_stigrule_217001_ip_options_drop_Lines:
+  - ip options drop
+# R-220139 CISC-ND-001450
+# A duplicate of 215837
+# duplicate of 215837
+iosxeSTIG_save_configuration_Manage: False
--- a/collections/ansible_collections/demo/compliance/roles/iosxeSTIG/files/U_Cisco_IOS-XE_Router_NDM_STIG_V2R1_Manual-xccdf.xml
+++ b/collections/ansible_collections/demo/compliance/roles/iosxeSTIG/files/U_Cisco_IOS-XE_Router_NDM_STIG_V2R1_Manual-xccdf.xml
--- a/collections/ansible_collections/demo/compliance/roles/iosxeSTIG/files/U_Cisco_IOS-XE_Router_RTR_STIG_V2R1_Manual-xccdf.xml
+++ b/collections/ansible_collections/demo/compliance/roles/iosxeSTIG/files/U_Cisco_IOS-XE_Router_RTR_STIG_V2R1_Manual-xccdf.xml
--- a/collections/ansible_collections/demo/compliance/roles/iosxeSTIG/files/duplicates.json
+++ b/collections/ansible_collections/demo/compliance/roles/iosxeSTIG/files/duplicates.json
@@ -0,0 +1,20 @@
+{
+  "215808":[ "215815" ],
+  "215809":[ "215815" ],
+  "215810":[ "215815" ],
+  "215811":[ "215815" ],
+  "215819":[ "215815" ],
+  "215821":[ "215820" ],
+  "215822":[ "215820" ],
+  "215834":[ "215815" ],
+  "215835":[ "215815" ],
+  "215839":[ "215817" ],
+  "215847":[ "215815" ],
+  "215848":[ "215815" ],
+  "215849":[ "215816" ],
+  "215850":[ "215815" ],
+  "215852":[ "215816" ],
+  "215853":[ "215837" ],
+  "216647":[ "215823" ],
+  "220139":[ "215837" ]
+}
--- a/collections/ansible_collections/demo/compliance/roles/iosxeSTIG/handlers/main.yml
+++ b/collections/ansible_collections/demo/compliance/roles/iosxeSTIG/handlers/main.yml
@@ -0,0 +1,4 @@
+- name: save configuration
+  ios_command:
+    commands: write memory
+  when: iosxeSTIG_save_configuration_Manage
--- a/collections/ansible_collections/demo/compliance/roles/iosxeSTIG/tasks/main.yml
+++ b/collections/ansible_collections/demo/compliance/roles/iosxeSTIG/tasks/main.yml
@@ -0,0 +1,595 @@
+# R-215807 CISC-ND-000010
+- name : stigrule_215807_ip_http_max_connections_2
+  ignore_errors: "{{ ignore_all_errors }}"
+  notify: "save configuration"
+  ios_config:
+    defaults: yes
+    lines: "{{ iosxeSTIG_stigrule_215807_ip_http_max_connections_2_Lines }}"
+  when:
+    - iosxeSTIG_stigrule_215807_Manage
+# R-215807 CISC-ND-000010
+- name: get line vty sections
+  ios_command:
+    commands: show running-config all | include ^line vty
+  register: cmd_result
+- name : stigrule_215807_session_limit_for_all_line_vty_sections
+  ignore_errors: "{{ ignore_all_errors }}"
+  notify: "save configuration"
+  ios_config:
+    defaults: yes
+    lines: "{{ iosxeSTIG_stigrule_215807_session_limit_for_all_line_vty_sections_Lines }}"
+    parents: "{{ item }}"
+  loop: "{{ cmd_result.stdout_lines|flatten(levels=1) }}"
+  when:
+    - iosxeSTIG_stigrule_215807_Manage
+# R-215813 CISC-ND-000150
+- name : stigrule_215813_login_block_for_900_attempts_3_within_120
+  ignore_errors: "{{ ignore_all_errors }}"
+  notify: "save configuration"
+  ios_config:
+    defaults: yes
+    lines: "{{ iosxeSTIG_stigrule_215813_login_block_for_900_attempts_3_within_120_Lines }}"
+  when:
+    - iosxeSTIG_stigrule_215813_Manage
+# R-215814 CISC-ND-000160
+- name : stigrule_215814_login
+  ignore_errors: "{{ ignore_all_errors }}"
+  notify: "save configuration"
+  ios_banner:
+    banner: login
+    text: "{{ iosxeSTIG_stigrule_215814_login_Text }}"
+  when: iosxeSTIG_stigrule_215814_Manage
+# R-215815 CISC-ND-000210
+- name : stigrule_215815_login_logging
+  ignore_errors: "{{ ignore_all_errors }}"
+  notify: "save configuration"
+  ios_config:
+    defaults: yes
+    lines: "{{ iosxeSTIG_stigrule_215815_login_logging_Lines }}"
+  when:
+    - iosxeSTIG_stigrule_215815_Manage
+# R-215815 CISC-ND-000210
+- name : stigrule_215815_logging_enable
+  ignore_errors: "{{ ignore_all_errors }}"
+  notify: "save configuration"
+  ios_config:
+    defaults: yes
+    lines: "{{ iosxeSTIG_stigrule_215815_logging_enable_Lines }}"
+    parents: "{{ iosxeSTIG_stigrule_215815_logging_enable_Parents }}"
+  when:
+    - iosxeSTIG_stigrule_215815_Manage
+# R-215816 CISC-ND-000250
+- name : stigrule_215816_login_logging
+  ignore_errors: "{{ ignore_all_errors }}"
+  notify: "save configuration"
+  ios_config:
+    defaults: yes
+    lines: "{{ iosxeSTIG_stigrule_215816_login_logging_Lines }}"
+  when:
+    - iosxeSTIG_stigrule_215816_Manage
+# R-215817 CISC-ND-000280
+- name : stigrule_215817_service_timestamps_log_datetime_localtime
+  ignore_errors: "{{ ignore_all_errors }}"
+  notify: "save configuration"
+  ios_config:
+    defaults: yes
+    lines: "{{ iosxeSTIG_stigrule_215817_service_timestamps_log_datetime_localtime_Lines }}"
+  when:
+    - iosxeSTIG_stigrule_215817_Manage
+# R-215820 CISC-ND-000380
+- name : stigrule_215820_file_privilege
+  ignore_errors: "{{ ignore_all_errors }}"
+  notify: "save configuration"
+  ios_config:
+    defaults: yes
+    lines: "{{ iosxeSTIG_stigrule_215820_file_privilege_Lines }}"
+  when:
+    - iosxeSTIG_stigrule_215820_Manage
+# R-215823 CISC-ND-000470
+- name: check for boot network
+  ios_command:
+    commands: show running-config all | include ^boot network
+  register: cmd_result
+- name : stigrule_215823_disable_boot_network
+  ignore_errors: "{{ ignore_all_errors }}"
+  notify: "save configuration"
+  ios_config:
+    defaults: yes
+    lines: "{{ iosxeSTIG_stigrule_215823_disable_boot_network_Lines }}"
+  when:
+    - (cmd_result.stdout|join('\n')).find('boot network') != -1
+    - iosxeSTIG_stigrule_215823_Manage
+# R-215823 CISC-ND-000470
+- name: check for ip boot server
+  ios_command:
+    commands: show running-config all | include ^ip boot server
+  register: cmd_result
+- name : stigrule_215823_disable_boot_server
+  ignore_errors: "{{ ignore_all_errors }}"
+  notify: "save configuration"
+  ios_config:
+    defaults: yes
+    lines: "{{ iosxeSTIG_stigrule_215823_disable_boot_server_Lines }}"
+  when:
+    - (cmd_result.stdout|join('\n')).find('ip boot server') != -1
+    - iosxeSTIG_stigrule_215823_Manage
+# R-215823 CISC-ND-000470
+- name : stigrule_215823_disable_bootp_server
+  ignore_errors: "{{ ignore_all_errors }}"
+  notify: "save configuration"
+  ios_config:
+    defaults: yes
+    lines: "{{ iosxeSTIG_stigrule_215823_disable_bootp_server_Lines }}"
+  when:
+    - iosxeSTIG_stigrule_215823_Manage
+# R-215823 CISC-ND-000470
+- name: check for DNS server configuration
+  ios_command:
+    commands: show running-config all | include ^ip dns server
+  register: cmd_result
+- name : stigrule_215823_disable_dns_server
+  ignore_errors: "{{ ignore_all_errors }}"
+  notify: "save configuration"
+  ios_config:
+    defaults: yes
+    lines: "{{ iosxeSTIG_stigrule_215823_disable_dns_server_Lines }}"
+  when:
+    - (cmd_result.stdout|join('\n')).find('ip dns server') != -1
+    - iosxeSTIG_stigrule_215823_Manage
+# R-215823 CISC-ND-000470
+- name : stigrule_215823_disable_identd
+  ignore_errors: "{{ ignore_all_errors }}"
+  notify: "save configuration"
+  ios_config:
+    defaults: yes
+    lines: "{{ iosxeSTIG_stigrule_215823_disable_identd_Lines }}"
+  when:
+    - iosxeSTIG_stigrule_215823_Manage
+# R-215823 CISC-ND-000470
+- name : stigrule_215823_disable_finger
+  ignore_errors: "{{ ignore_all_errors }}"
+  notify: "save configuration"
+  ios_config:
+    defaults: yes
+    lines: "{{ iosxeSTIG_stigrule_215823_disable_finger_Lines }}"
+  when:
+    - iosxeSTIG_stigrule_215823_Manage
+# R-215823 CISC-ND-000470
+- name : stigrule_215823_disable_http_server
+  ignore_errors: "{{ ignore_all_errors }}"
+  notify: "save configuration"
+  ios_config:
+    defaults: yes
+    lines: "{{ iosxeSTIG_stigrule_215823_disable_http_server_Lines }}"
+  when:
+    - iosxeSTIG_stigrule_215823_Manage
+# R-215823 CISC-ND-000470
+- name: check for ip rcmd rcp-enable
+  ios_command:
+    commands: show running-config all | include ^ip rcmd rcp-enable
+  register: cmd_result
+- name : stigrule_215823_disable_rcmd_rcp_enable
+  ignore_errors: "{{ ignore_all_errors }}"
+  notify: "save configuration"
+  ios_config:
+    defaults: yes
+    lines: "{{ iosxeSTIG_stigrule_215823_disable_rcmd_rcp_enable_Lines }}"
+  when:
+    - (cmd_result.stdout|join('\n')).find('ip rcmd rcp-enable') != -1
+    - iosxeSTIG_stigrule_215823_Manage
+# R-215823 CISC-ND-000470
+- name: check for ip rcmd rsh-enable
+  ios_command:
+    commands: show running-config all | include ^ip rcmd rsh-enable
+  register: cmd_result
+- name : stigrule_215823_disable_rcmd_rsh_enable
+  ignore_errors: "{{ ignore_all_errors }}"
+  notify: "save configuration"
+  ios_config:
+    defaults: yes
+    lines: "{{ iosxeSTIG_stigrule_215823_disable_rcmd_rsh_enable_Lines }}"
+  when:
+    - (cmd_result.stdout|join('\n')).find('ip rcmd rsh-enable') != -1
+    - iosxeSTIG_stigrule_215823_Manage
+# R-215823 CISC-ND-000470
+- name: check for tcp-small-servers
+  ios_command:
+    commands: show running-config all | include ^service tcp-small-servers
+  register: cmd_result
+- name : stigrule_215823_disable_tcp_small_servers
+  ignore_errors: "{{ ignore_all_errors }}"
+  notify: "save configuration"
+  ios_config:
+    defaults: yes
+    lines: "{{ iosxeSTIG_stigrule_215823_disable_tcp_small_servers_Lines }}"
+  when:
+    - (cmd_result.stdout|join('\n')).find('service tcp-small-servers') != -1
+    - iosxeSTIG_stigrule_215823_Manage
+# R-215823 CISC-ND-000470
+- name: check for udp-small-servers
+  ios_command:
+    commands: show running-config all | include ^service udp-small-servers
+  register: cmd_result
+- name : stigrule_215823_disable_udp_small_servers
+  ignore_errors: "{{ ignore_all_errors }}"
+  notify: "save configuration"
+  ios_config:
+    defaults: yes
+    lines: "{{ iosxeSTIG_stigrule_215823_disable_udp_small_servers_Lines }}"
+  when:
+    - (cmd_result.stdout|join('\n')).find('service udp-small-servers') != -1
+    - iosxeSTIG_stigrule_215823_Manage
+# R-215823 CISC-ND-000470
+- name: check for service finger
+  ios_command:
+    commands: show running-config all | include ^service finger
+  register: cmd_result
+- name : stigrule_215823_disable_service_finger
+  ignore_errors: "{{ ignore_all_errors }}"
+  notify: "save configuration"
+  ios_config:
+    defaults: yes
+    lines: "{{ iosxeSTIG_stigrule_215823_disable_service_finger_Lines }}"
+  when:
+    - (cmd_result.stdout|join('\n')).find('service finger') != -1
+    - iosxeSTIG_stigrule_215823_Manage
+# R-215823 CISC-ND-000470
+- name : stigrule_215823_disable_service_config
+  ignore_errors: "{{ ignore_all_errors }}"
+  notify: "save configuration"
+  ios_config:
+    defaults: yes
+    lines: "{{ iosxeSTIG_stigrule_215823_disable_service_config_Lines }}"
+  when:
+    - iosxeSTIG_stigrule_215823_Manage
+# R-215823 CISC-ND-000470
+- name : stigrule_215823_disable_service_pad
+  ignore_errors: "{{ ignore_all_errors }}"
+  notify: "save configuration"
+  ios_config:
+    defaults: yes
+    lines: "{{ iosxeSTIG_stigrule_215823_disable_service_pad_Lines }}"
+  when:
+    - iosxeSTIG_stigrule_215823_Manage
+# R-215825 CISC-ND-000530
+# ip ssh server algorithm encryption is set in 215845.
+- name : stigrule_215825_ip_ssh_version_2
+  ignore_errors: "{{ ignore_all_errors }}"
+  notify: "save configuration"
+  ios_config:
+    defaults: yes
+    lines: "{{ iosxeSTIG_stigrule_215825_ip_ssh_version_2_Lines }}"
+  when:
+    - iosxeSTIG_stigrule_215825_Manage
+# R-215826 CISC-ND-000550
+- name : stigrule_215826_password_min_len
+  ignore_errors: "{{ ignore_all_errors }}"
+  notify: "save configuration"
+  ios_config:
+    defaults: yes
+    lines: "{{ iosxeSTIG_stigrule_215826_password_min_len_Lines }}"
+    parents: "{{ iosxeSTIG_stigrule_215826_password_min_len_Parents }}"
+  when:
+    - iosxeSTIG_stigrule_215826_Manage
+# R-215827 CISC-ND-000570
+- name : stigrule_215827_password_upper_case
+  ignore_errors: "{{ ignore_all_errors }}"
+  notify: "save configuration"
+  ios_config:
+    defaults: yes
+    lines: "{{ iosxeSTIG_stigrule_215827_password_upper_case_Lines }}"
+    parents: "{{ iosxeSTIG_stigrule_215827_password_upper_case_Parents }}"
+  when:
+    - iosxeSTIG_stigrule_215827_Manage
+# R-215828 CISC-ND-000580
+- name : stigrule_215828_password_lower_case
+  ignore_errors: "{{ ignore_all_errors }}"
+  notify: "save configuration"
+  ios_config:
+    defaults: yes
+    lines: "{{ iosxeSTIG_stigrule_215828_password_lower_case_Lines }}"
+    parents: "{{ iosxeSTIG_stigrule_215828_password_lower_case_Parents }}"
+  when:
+    - iosxeSTIG_stigrule_215828_Manage
+# R-215829 CISC-ND-000590
+- name : stigrule_215829_password_numeric_count
+  ignore_errors: "{{ ignore_all_errors }}"
+  notify: "save configuration"
+  ios_config:
+    defaults: yes
+    lines: "{{ iosxeSTIG_stigrule_215829_password_numeric_count_Lines }}"
+    parents: "{{ iosxeSTIG_stigrule_215829_password_numeric_count_Parents }}"
+  when:
+    - iosxeSTIG_stigrule_215829_Manage
+# R-215830 CISC-ND-000600
+- name : stigrule_215830_password_special_case
+  ignore_errors: "{{ ignore_all_errors }}"
+  notify: "save configuration"
+  ios_config:
+    defaults: yes
+    lines: "{{ iosxeSTIG_stigrule_215830_password_special_case_Lines }}"
+    parents: "{{ iosxeSTIG_stigrule_215830_password_special_case_Parents }}"
+  when:
+    - iosxeSTIG_stigrule_215830_Manage
+# R-215831 CISC-ND-000610
+- name : stigrule_215831_password_upper_case
+  ignore_errors: "{{ ignore_all_errors }}"
+  notify: "save configuration"
+  ios_config:
+    defaults: yes
+    lines: "{{ iosxeSTIG_stigrule_215831_password_upper_case_Lines }}"
+    parents: "{{ iosxeSTIG_stigrule_215831_password_upper_case_Parents }}"
+  when:
+    - iosxeSTIG_stigrule_215831_Manage
+# R-215832 CISC-ND-000620
+- name : stigrule_215832_service_password_encryption
+  ignore_errors: "{{ ignore_all_errors }}"
+  notify: "save configuration"
+  ios_config:
+    defaults: yes
+    lines: "{{ iosxeSTIG_stigrule_215832_service_password_encryption_Lines }}"
+  when:
+    - iosxeSTIG_stigrule_215832_Manage
+# R-215833 CISC-ND-000720
+- name : stigrule_215833_exec_timeout_for_console
+  ignore_errors: "{{ ignore_all_errors }}"
+  notify: "save configuration"
+  ios_config:
+    defaults: yes
+    lines: "{{ iosxeSTIG_stigrule_215833_exec_timeout_for_console_Lines }}"
+    parents: "{{ iosxeSTIG_stigrule_215833_exec_timeout_for_console_Parents }}"
+  when:
+    - iosxeSTIG_stigrule_215833_Manage
+# R-215833 CISC-ND-000720
+- name: get line vty sections
+  ios_command:
+    commands: show running-config all | include ^line vty
+  register: cmd_result
+- name : stigrule_215833_exec_timeout_for_all_line_vty_sections
+  ignore_errors: "{{ ignore_all_errors }}"
+  notify: "save configuration"
+  ios_config:
+    defaults: yes
+    lines: "{{ iosxeSTIG_stigrule_215833_exec_timeout_for_all_line_vty_sections_Lines }}"
+    parents: "{{ item }}"
+  loop: "{{ cmd_result.stdout_lines|flatten(levels=1) }}"
+  when:
+    - iosxeSTIG_stigrule_215833_Manage
+# R-215833 CISC-ND-000720
+- name : stigrule_215833_ip_http_timeout_policy_idle_600_life_3600_requests_10
+  ignore_errors: "{{ ignore_all_errors }}"
+  notify: "save configuration"
+  ios_config:
+    defaults: yes
+    lines: "{{ iosxeSTIG_stigrule_215833_ip_http_timeout_policy_idle_600_life_3600_requests_10_Lines }}"
+  when:
+    - iosxeSTIG_stigrule_215833_Manage
+# R-215836 CISC-ND-000980
+- name : stigrule_215836_logging_buffered_4096_informational
+  ignore_errors: "{{ ignore_all_errors }}"
+  notify: "save configuration"
+  ios_config:
+    defaults: yes
+    lines: "{{ iosxeSTIG_stigrule_215836_logging_buffered_4096_informational_Lines }}"
+  when:
+    - iosxeSTIG_stigrule_215836_Manage
+# R-215837 CISC-ND-001000
+# Please configure name IP address to a valid one.
+- name : stigrule_215837_host
+  ignore_errors: "{{ ignore_all_errors }}"
+  notify: "save configuration"
+  ios_logging:
+    dest: host
+    name: "{{ iosxeSTIG_stigrule_215837_host_Name }}"
+  when: iosxeSTIG_stigrule_215837_Manage
+# R-215837 CISC-ND-001000
+# Please configure name IP address to a valid one.
+- name : stigrule_215837_logging_trap_critical
+  ignore_errors: "{{ ignore_all_errors }}"
+  notify: "save configuration"
+  ios_config:
+    defaults: yes
+    lines: "{{ iosxeSTIG_stigrule_215837_logging_trap_critical_Lines }}"
+  when:
+    - iosxeSTIG_stigrule_215837_Manage
+# R-215838 CISC-ND-001030
+# Replace ntp servers' IP address before enabling.
+- name : stigrule_215838_ntp_server_1
+  ignore_errors: "{{ ignore_all_errors }}"
+  notify: "save configuration"
+  ios_ntp:
+    server: "{{ iosxeSTIG_stigrule_215838_ntp_server_1_Server }}"
+  when: iosxeSTIG_stigrule_215838_Manage
+# R-215838 CISC-ND-001030
+# Replace ntp servers' IP address before enabling.
+- name : stigrule_215838_ntp_server_2
+  ignore_errors: "{{ ignore_all_errors }}"
+  notify: "save configuration"
+  ios_ntp:
+    server: "{{ iosxeSTIG_stigrule_215838_ntp_server_2_Server }}"
+  when: iosxeSTIG_stigrule_215838_Manage
+# R-215840 CISC-ND-001050
+# service timestamps log datetime localtime is set in 215817.
+- name : stigrule_215840_service_timestamps_log_datetime_localtime
+  ignore_errors: "{{ ignore_all_errors }}"
+  notify: "save configuration"
+  ios_config:
+    defaults: yes
+    lines: "{{ iosxeSTIG_stigrule_215840_service_timestamps_log_datetime_localtime_Lines }}"
+  when:
+    - iosxeSTIG_stigrule_215840_Manage
+# R-215844 CISC-ND-001200
+- name : stigrule_215844_ip_ssh_server_algorithm_mac_hmac_sha1
+  ignore_errors: "{{ ignore_all_errors }}"
+  notify: "save configuration"
+  ios_config:
+    defaults: yes
+    lines: "{{ iosxeSTIG_stigrule_215844_ip_ssh_server_algorithm_mac_hmac_sha1_Lines }}"
+  when:
+    - iosxeSTIG_stigrule_215844_Manage
+# R-215844 CISC-ND-001200
+- name : stigrule_215844_ip_http_secure_ciphersuite_aes_128_cbc_sha
+  ignore_errors: "{{ ignore_all_errors }}"
+  notify: "save configuration"
+  ios_config:
+    defaults: yes
+    lines: "{{ iosxeSTIG_stigrule_215844_ip_http_secure_ciphersuite_aes_128_cbc_sha_Lines }}"
+  when:
+    - iosxeSTIG_stigrule_215844_Manage
+# R-215845 CISC-ND-001210
+# Option ip http secure-ciphersuite is set in 215844
+- name : stigrule_215845_ip_ssh_server_algorithm_encryption_aes128_cbc_aes128_ctr_aes192_cbc_aes192_ctr
+  ignore_errors: "{{ ignore_all_errors }}"
+  notify: "save configuration"
+  ios_config:
+    defaults: yes
+    lines: "{{ iosxeSTIG_stigrule_215845_ip_ssh_server_algorithm_encryption_aes128_cbc_aes128_ctr_aes192_cbc_aes192_ctr_Lines }}"
+  when:
+    - iosxeSTIG_stigrule_215845_Manage
+# R-215854 CISC-ND-001370
+# Configure the authentication server key before enabling.
+- name : stigrule_215854_radius_host_10_1_48_2_key_xxxxxx
+  ignore_errors: "{{ ignore_all_errors }}"
+  notify: "save configuration"
+  ios_config:
+    defaults: yes
+    lines: "{{ iosxeSTIG_stigrule_215854_radius_host_10_1_48_2_key_xxxxxx_Lines }}"
+  when:
+    - iosxeSTIG_stigrule_215854_Manage
+# R-215854 CISC-ND-001370
+# Configure the authentication server key before enabling.
+- name : stigrule_215854_aaa_authentication_login_LOGIN_AUTHENTICATION_group_radius_local
+  ignore_errors: "{{ ignore_all_errors }}"
+  notify: "save configuration"
+  ios_config:
+    defaults: yes
+    lines: "{{ iosxeSTIG_stigrule_215854_aaa_authentication_login_LOGIN_AUTHENTICATION_group_radius_local_Lines }}"
+  when:
+    - iosxeSTIG_stigrule_215854_Manage
+# R-215854 CISC-ND-001370
+# Configure the authentication server key before enabling.
+- name : stigrule_215854_ip_http_authentication_aaa_login_authentication_LOGIN_AUTHENTICATION
+  ignore_errors: "{{ ignore_all_errors }}"
+  notify: "save configuration"
+  ios_config:
+    defaults: yes
+    lines: "{{ iosxeSTIG_stigrule_215854_ip_http_authentication_aaa_login_authentication_LOGIN_AUTHENTICATION_Lines }}"
+  when:
+    - iosxeSTIG_stigrule_215854_Manage
+# R-215854 CISC-ND-001370
+# Configure the authentication server key before enabling.
+- name : stigrule_215854_login_authentication_for_console
+  ignore_errors: "{{ ignore_all_errors }}"
+  notify: "save configuration"
+  ios_config:
+    defaults: yes
+    lines: "{{ iosxeSTIG_stigrule_215854_login_authentication_for_console_Lines }}"
+    parents: "{{ iosxeSTIG_stigrule_215854_login_authentication_for_console_Parents }}"
+  when:
+    - iosxeSTIG_stigrule_215854_Manage
+# R-215854 CISC-ND-001370
+# Configure the authentication server key before enabling.
+- name: get line vty sections
+  ios_command:
+    commands: show running-config all | include ^line vty
+  register: cmd_result
+- name : stigrule_215854_login_authentication_for_all_line_vty_sections
+  ignore_errors: "{{ ignore_all_errors }}"
+  notify: "save configuration"
+  ios_config:
+    defaults: yes
+    lines: "{{ iosxeSTIG_stigrule_215854_login_authentication_for_all_line_vty_sections_Lines }}"
+    parents: "{{ item }}"
+  loop: "{{ cmd_result.stdout_lines|flatten(levels=1) }}"
+  when:
+    - iosxeSTIG_stigrule_215854_Manage
+# R-215856 CISC-ND-001440
+# Insert an appropriate URL (including protocol and port)
+- name : stigrule_215856_enrollment_url
+  ignore_errors: "{{ ignore_all_errors }}"
+  notify: "save configuration"
+  ios_config:
+    defaults: yes
+    lines: "{{ iosxeSTIG_stigrule_215856_enrollment_url_Lines }}"
+    parents: "{{ iosxeSTIG_stigrule_215856_enrollment_url_Parents }}"
+  when:
+    - iosxeSTIG_stigrule_215856_Manage
+# R-216661 CISC-RT-000230
+- name : stigrule_216661_Disable_the_auxiliary_port
+  ignore_errors: "{{ ignore_all_errors }}"
+  notify: "save configuration"
+  ios_config:
+    defaults: yes
+    lines: "{{ iosxeSTIG_stigrule_216661_Disable_the_auxiliary_port_Lines }}"
+    parents: "{{ iosxeSTIG_stigrule_216661_Disable_the_auxiliary_port_Parents }}"
+  when:
+    - iosxeSTIG_stigrule_216661_Manage
+# R-216675 CISC-RT-000370
+- name : stigrule_216675_no_cdp_run
+  ignore_errors: "{{ ignore_all_errors }}"
+  notify: "save configuration"
+  ios_config:
+    defaults: yes
+    lines: "{{ iosxeSTIG_stigrule_216675_no_cdp_run_Lines }}"
+  when:
+    - iosxeSTIG_stigrule_216675_Manage
+# R-216700 CISC-RT-000620
+- name : stigrule_216700_no_mpls_ip_propagate_ttl
+  ignore_errors: "{{ ignore_all_errors }}"
+  notify: "save configuration"
+  ios_config:
+    defaults: yes
+    lines: "{{ iosxeSTIG_stigrule_216700_no_mpls_ip_propagate_ttl_Lines }}"
+  when:
+    - iosxeSTIG_stigrule_216700_Manage
+# R-216723 CISC-RT-000850
+- name : stigrule_216723_ip_pim_register_rate_limit_10
+  ignore_errors: "{{ ignore_all_errors }}"
+  notify: "save configuration"
+  ios_config:
+    defaults: yes
+    lines: "{{ iosxeSTIG_stigrule_216723_ip_pim_register_rate_limit_10_Lines }}"
+  when:
+    - iosxeSTIG_stigrule_216723_Manage
+# R-216726 CISC-RT-000880
+- name : stigrule_216726_ip_igmp_limit
+  ignore_errors: "{{ ignore_all_errors }}"
+  notify: "save configuration"
+  ios_config:
+    defaults: yes
+    lines: "{{ iosxeSTIG_stigrule_216726_ip_igmp_limit_Lines }}"
+  when:
+    - iosxeSTIG_stigrule_216726_Manage
+# R-216727 CISC-RT-000890
+- name : stigrule_216727_ip_pim_spt_threshold_infinity
+  ignore_errors: "{{ ignore_all_errors }}"
+  notify: "save configuration"
+  ios_config:
+    defaults: yes
+    lines: "{{ iosxeSTIG_stigrule_216727_ip_pim_spt_threshold_infinity_Lines }}"
+  when:
+    - iosxeSTIG_stigrule_216727_Manage
+# R-216996 CISC-RT-000080
+- name: check for call-home
+  ios_command:
+    commands: show running-config | include ^call-home
+  register: cmd_result
+- name : stigrule_216996_no_call_home
+  ignore_errors: "{{ ignore_all_errors }}"
+  notify: "save configuration"
+  ios_config:
+    defaults: yes
+    lines: "{{ iosxeSTIG_stigrule_216996_no_call_home_Lines }}"
+  when:
+    - (cmd_result.stdout|join('\n')).find('call-home') != -1
+    - iosxeSTIG_stigrule_216996_Manage
+# R-217001 CISC-RT-000750
+# Options drop or ignore are allowed.
+- name : stigrule_217001_ip_options_drop
+  ignore_errors: "{{ ignore_all_errors }}"
+  notify: "save configuration"
+  ios_config:
+    defaults: yes
+    lines: "{{ iosxeSTIG_stigrule_217001_ip_options_drop_Lines }}"
+  when:
+    - iosxeSTIG_stigrule_217001_Manage
--- a/collections/ansible_collections/demo/compliance/roles/rhel7STIG/callback_plugins/stig_xml.py
+++ b/collections/ansible_collections/demo/compliance/roles/rhel7STIG/callback_plugins/stig_xml.py
@@ -0,0 +1,86 @@
+from __future__ import (absolute_import, division, print_function)
+__metaclass__ = type
+
+from ansible.plugins.callback import CallbackBase
+from time import gmtime, strftime
+import platform
+import tempfile
+import re
+import sys
+import os
+import xml.etree.ElementTree as ET
+import xml.dom.minidom
+
+class CallbackModule(CallbackBase):
+    CALLBACK_VERSION = 2.0
+    CALLBACK_TYPE = 'xml'
+    CALLBACK_NAME = 'stig_xml'
+
+    CALLBACK_NEEDS_WHITELIST = True
+
+    def _get_STIG_path(self):
+        cwd = os.path.abspath('.')
+        for dirpath, dirs, files in os.walk(cwd):
+            if os.path.sep + 'files' in dirpath and '.xml' in files[0]:
+                return os.path.join(cwd, dirpath, files[0])
+
+    def __init__(self):
+        super(CallbackModule, self).__init__()
+        self.rules = {}
+        self.stig_path = os.environ.get('STIG_PATH')
+        self.XML_path = os.environ.get('XML_PATH')
+        if self.stig_path is None:
+            self.stig_path = self._get_STIG_path()
+        self._display.display('Using STIG_PATH: {}'.format(self.stig_path))
+        if self.XML_path is None:
+            self.XML_path = tempfile.mkdtemp() + "/xccdf-results.xml"
+        self._display.display('Using XML_PATH: {}'.format(self.XML_path))
+
+        print("Writing: {}".format(self.XML_path))
+        STIG_name = os.path.basename(self.stig_path)
+        ET.register_namespace('cdf', 'http://checklists.nist.gov/xccdf/1.2')
+        self.tr = ET.Element('{http://checklists.nist.gov/xccdf/1.2}TestResult')
+        self.tr.set('id', 'xccdf_mil.disa.stig_testresult_scap_mil.disa_comp_{}'.format(STIG_name))
+        endtime = strftime("%Y-%m-%dT%H:%M:%S", gmtime())
+        self.tr.set('end-time', endtime)
+        tg = ET.SubElement(self.tr, '{http://checklists.nist.gov/xccdf/1.2}target')
+        tg.text = platform.node()
+
+    def _get_rev(self, nid):
+        with open(self.stig_path, 'r') as f:
+            r = 'SV-{}r(?P<rev>\d+)_rule'.format(nid)
+            m = re.search(r, f.read())
+        if m:
+            rev = m.group('rev')
+        else:
+            rev = '0'
+        return rev
+
+    def v2_runner_on_ok(self, result):
+        name = result._task.get_name()
+        m = re.search('stigrule_(?P<id>\d+)', name)
+        if m:
+            nid = m.group('id')
+        else:
+            return
+        rev = self._get_rev(nid)
+        key = "{}r{}".format(nid, rev)
+        if self.rules.get(key, 'Unknown') != False:
+            self.rules[key] = result.is_changed()
+
+    def v2_playbook_on_stats(self, stats):
+        for rule, changed in self.rules.items():
+            state = 'fail' if changed else 'pass'
+            rr = ET.SubElement(self.tr, '{http://checklists.nist.gov/xccdf/1.2}rule-result')
+            rr.set('idref', 'xccdf_mil.disa.stig_rule_SV-{}_rule'.format(rule))
+            rs = ET.SubElement(rr, '{http://checklists.nist.gov/xccdf/1.2}result')
+            rs.text = state
+        passing = len(self.rules) - sum(self.rules.values())
+        sc = ET.SubElement(self.tr, '{http://checklists.nist.gov/xccdf/1.2}score')
+        sc.set('maximum', str(len(self.rules)))
+        sc.set('system', 'urn:xccdf:scoring:flat-unweighted')
+        sc.text = str(passing)
+        with open(self.XML_path, 'wb') as f:
+            out = ET.tostring(self.tr)
+            pretty = xml.dom.minidom.parseString(out).toprettyxml(encoding='utf-8')
+            f.write(pretty)
--- a/collections/ansible_collections/demo/compliance/roles/rhel7STIG/defaults/main.yml
+++ b/collections/ansible_collections/demo/compliance/roles/rhel7STIG/defaults/main.yml
@@ -0,0 +1,503 @@
+# R-204393 RHEL-07-010030
+rhel7STIG_stigrule_204393_Manage: True
+rhel7STIG_stigrule_204393__etc_dconf_db_local_d_01_banner_message_Value: 'true'
+# R-204394 RHEL-07-010040
+rhel7STIG_stigrule_204394_Manage: True
+rhel7STIG_stigrule_204394__etc_dconf_db_local_d_01_banner_message_Value: '''You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only.\nBy using this IS (which includes any device attached to this IS), you consent to the following conditions:\n-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n-At any time, the USG may inspect and seize data stored on this IS.\n-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n-This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.'''
+# R-204395 RHEL-07-010050
+rhel7STIG_stigrule_204395_Manage: True
+rhel7STIG_stigrule_204395__etc_issue_Dest: /etc/issue
+rhel7STIG_stigrule_204395__etc_issue_Content: 'You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only.
+
+By using this IS (which includes any device attached to this IS), you consent to the following conditions:
+
+-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.
+
+-At any time, the USG may inspect and seize data stored on this IS.
+
+-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.
+
+-This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.
+
+-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.
+
+'
+# R-204396 RHEL-07-010060
+rhel7STIG_stigrule_204396_Manage: True
+rhel7STIG_stigrule_204396__etc_dconf_db_local_d_00_screensaver_Value: 'true'
+# R-204397 RHEL-07-010061
+rhel7STIG_stigrule_204397_Manage: True
+rhel7STIG_stigrule_204397__etc_dconf_db_local_d_00_defaults_Value: 'true'
+# R-204398 RHEL-07-010070
+rhel7STIG_stigrule_204398_Manage: True
+rhel7STIG_stigrule_204398__etc_dconf_db_local_d_00_screensaver_Value: 'uint32 900'
+# R-204399 RHEL-07-010081
+rhel7STIG_stigrule_204399_Manage: True
+rhel7STIG_stigrule_204399__etc_dconf_db_local_d_locks_session_Line: '/org/gnome/desktop/screensaver/lock-delay'
+# R-204400 RHEL-07-010082
+rhel7STIG_stigrule_204400_Manage: True
+rhel7STIG_stigrule_204400__etc_dconf_db_local_d_locks_session_Line: '/org/gnome/desktop/session/idle-delay'
+# R-204402 RHEL-07-010100
+rhel7STIG_stigrule_204402_Manage: True
+rhel7STIG_stigrule_204402__etc_dconf_db_local_d_00_screensaver_Value: 'true'
+# R-204403 RHEL-07-010101
+rhel7STIG_stigrule_204403_Manage: True
+rhel7STIG_stigrule_204403__etc_dconf_db_local_d_locks_session_Line: '/org/gnome/desktop/screensaver/idle-activation-enabled'
+# R-204404 RHEL-07-010110
+rhel7STIG_stigrule_204404_Manage: True
+rhel7STIG_stigrule_204404__etc_dconf_db_local_d_00_screensaver_Value: 'uint32 5'
+# R-204407 RHEL-07-010120
+rhel7STIG_stigrule_204407_Manage: True
+rhel7STIG_stigrule_204407__etc_security_pwquality_conf_Line: 'ucredit = -1'
+# R-204408 RHEL-07-010130
+rhel7STIG_stigrule_204408_Manage: True
+rhel7STIG_stigrule_204408__etc_security_pwquality_conf_Line: 'lcredit = -1'
+# R-204409 RHEL-07-010140
+rhel7STIG_stigrule_204409_Manage: True
+rhel7STIG_stigrule_204409__etc_security_pwquality_conf_Line: 'dcredit = -1'
+# R-204410 RHEL-07-010150
+rhel7STIG_stigrule_204410_Manage: True
+rhel7STIG_stigrule_204410__etc_security_pwquality_conf_Line: 'ocredit = -1'
+# R-204411 RHEL-07-010160
+rhel7STIG_stigrule_204411_Manage: True
+rhel7STIG_stigrule_204411__etc_security_pwquality_conf_Line: 'difok = 8'
+# R-204412 RHEL-07-010170
+rhel7STIG_stigrule_204412_Manage: True
+rhel7STIG_stigrule_204412__etc_security_pwquality_conf_Line: 'minclass = 4'
+# R-204413 RHEL-07-010180
+rhel7STIG_stigrule_204413_Manage: True
+rhel7STIG_stigrule_204413__etc_security_pwquality_conf_Line: 'maxrepeat = 3'
+# R-204414 RHEL-07-010190
+rhel7STIG_stigrule_204414_Manage: True
+rhel7STIG_stigrule_204414__etc_security_pwquality_conf_Line: 'maxclassrepeat = 4'
+# R-204416 RHEL-07-010210
+rhel7STIG_stigrule_204416_Manage: True
+rhel7STIG_stigrule_204416__etc_login_defs_Line: 'ENCRYPT_METHOD SHA512'
+# R-204417 RHEL-07-010220
+rhel7STIG_stigrule_204417_Manage: True
+rhel7STIG_stigrule_204417__etc_libuser_conf_Value: 'sha512'
+# R-204418 RHEL-07-010230
+rhel7STIG_stigrule_204418_Manage: True
+rhel7STIG_stigrule_204418__etc_login_defs_Line: 'PASS_MIN_DAYS 1'
+# R-204419 RHEL-07-010240
+rhel7STIG_stigrule_204419_Manage: True
+rhel7STIG_stigrule_204419_chage__m_1_user_Command: chage -m 1
+# R-204420 RHEL-07-010250
+rhel7STIG_stigrule_204420_Manage: True
+rhel7STIG_stigrule_204420__etc_login_defs_Line: 'PASS_MAX_DAYS 60'
+# R-204421 RHEL-07-010260
+rhel7STIG_stigrule_204421_Manage: True
+rhel7STIG_stigrule_204421_chage__M_60_user_Command: chage -M 60
+# R-204423 RHEL-07-010280
+rhel7STIG_stigrule_204423_Manage: True
+rhel7STIG_stigrule_204423__etc_security_pwquality_conf_Line: 'minlen = 15'
+# R-204425 RHEL-07-010300
+rhel7STIG_stigrule_204425_Manage: True
+rhel7STIG_stigrule_204425_PermitEmptyPasswords_Line: PermitEmptyPasswords no
+# R-204426 RHEL-07-010310
+rhel7STIG_stigrule_204426_Manage: True
+rhel7STIG_stigrule_204426__etc_default_useradd_Line: 'INACTIVE=0'
+# R-204431 RHEL-07-010430
+rhel7STIG_stigrule_204431_Manage: True
+rhel7STIG_stigrule_204431__etc_login_defs_Line: 'FAIL_DELAY 4'
+# R-204432 RHEL-07-010440
+rhel7STIG_stigrule_204432_Manage: True
+rhel7STIG_stigrule_204432__etc_gdm_custom_conf_Value: 'false'
+# R-204433 RHEL-07-010450
+rhel7STIG_stigrule_204433_Manage: True
+rhel7STIG_stigrule_204433__etc_gdm_custom_conf_Value: 'false'
+# R-204434 RHEL-07-010460
+rhel7STIG_stigrule_204434_Manage: True
+rhel7STIG_stigrule_204434_PermitUserEnvironment_Line: PermitUserEnvironment no
+# R-204435 RHEL-07-010470
+rhel7STIG_stigrule_204435_Manage: True
+rhel7STIG_stigrule_204435_HostbasedAuthentication_Line: HostbasedAuthentication no
+# R-204442 RHEL-07-020000
+rhel7STIG_stigrule_204442_Manage: True
+rhel7STIG_stigrule_204442_rsh_server_State: removed
+# R-204443 RHEL-07-020010
+rhel7STIG_stigrule_204443_Manage: True
+rhel7STIG_stigrule_204443_ypserv_State: removed
+# R-204445 RHEL-07-020030
+# Edit email address.
+rhel7STIG_stigrule_204445_Manage: True
+rhel7STIG_stigrule_204445__etc_cron_daily_aide_Dest: /etc/cron.daily/aide
+rhel7STIG_stigrule_204445__etc_cron_daily_aide_Content: '#!/bin/bash
+
+
+
+/usr/sbin/aide --check | /bin/mail -s "$HOSTNAME - Daily aide integrity check run" root'
+rhel7STIG_stigrule_204445__etc_cron_daily_aide_Mode: '700'
+rhel7STIG_stigrule_204445_aide_State: installed
+# R-204446 RHEL-07-020040
+# Edit email address.
+rhel7STIG_stigrule_204446_Manage: True
+rhel7STIG_stigrule_204446__etc_cron_daily_aide_notify_Dest: /etc/cron.daily/aide
+rhel7STIG_stigrule_204446__etc_cron_daily_aide_notify_Content: '#!/bin/bash
+
+
+
+/usr/sbin/aide --check | /bin/mail -s "$HOSTNAME - Daily aide integrity check run" root'
+rhel7STIG_stigrule_204446__etc_cron_daily_aide_notify_Mode: '700'
+rhel7STIG_stigrule_204446_aide_notify_State: installed
+# R-204447 RHEL-07-020050
+rhel7STIG_stigrule_204447_Manage: True
+rhel7STIG_stigrule_204447__etc_yum_conf_Value: '1'
+# R-204448 RHEL-07-020060
+rhel7STIG_stigrule_204448_Manage: True
+rhel7STIG_stigrule_204448__etc_yum_conf_Value: '1'
+# R-204449 RHEL-07-020100
+rhel7STIG_stigrule_204449_Manage: True
+rhel7STIG_stigrule_204449__etc_modprobe_d_blacklist_conf_Line: 'blacklist usb-storage'
+rhel7STIG_stigrule_204449__etc_modprobe_d_usb_storage_conf_Line: 'install usb-storage /bin/true'
+# R-204450 RHEL-07-020101
+rhel7STIG_stigrule_204450_Manage: True
+rhel7STIG_stigrule_204450__etc_modprobe_d_dccp_conf_Dest: /etc/modprobe.d/dccp.conf
+rhel7STIG_stigrule_204450__etc_modprobe_d_dccp_conf_Content: 'install dccp /bin/true'
+rhel7STIG_stigrule_204450__etc_modprobe_d_blacklist_conf_Line: 'blacklist dccp'
+# R-204451 RHEL-07-020110
+rhel7STIG_stigrule_204451_Manage: True
+rhel7STIG_stigrule_204451_autofs_disable_Enabled: no
+rhel7STIG_stigrule_204451_autofs_stop_State: stopped
+# R-204452 RHEL-07-020200
+rhel7STIG_stigrule_204452_Manage: True
+rhel7STIG_stigrule_204452__etc_yum_conf_Value: '1'
+# R-204453 RHEL-07-020210
+rhel7STIG_stigrule_204453_Manage: True
+rhel7STIG_stigrule_204453__etc_selinux_config_Line: 'SELINUX=enforcing'
+# R-204454 RHEL-07-020220
+rhel7STIG_stigrule_204454_Manage: True
+rhel7STIG_stigrule_204454__etc_selinux_config_Line: 'SELINUXTYPE=targeted'
+# R-204455 RHEL-07-020230
+rhel7STIG_stigrule_204455_Manage: True
+rhel7STIG_stigrule_204455_systemctl_mask_ctrl_alt_del_target_Command: systemctl mask ctrl-alt-del.target
+# R-204457 RHEL-07-020240
+rhel7STIG_stigrule_204457_Manage: True
+rhel7STIG_stigrule_204457__etc_login_defs_Line: 'UMASK 077'
+# R-204466 RHEL-07-020610
+rhel7STIG_stigrule_204466_Manage: True
+rhel7STIG_stigrule_204466__etc_login_defs_Line: 'CREATE_HOME yes'
+# R-204489 RHEL-07-021100
+rhel7STIG_stigrule_204489_Manage: True
+rhel7STIG_stigrule_204489__etc_rsyslog_conf_Line: 'cron.* /var/log/cron.log'
+# R-204490 RHEL-07-021110
+rhel7STIG_stigrule_204490_Manage: True
+rhel7STIG_stigrule_204490__etc_cron_allow_Dest: /etc/cron.allow
+rhel7STIG_stigrule_204490__etc_cron_allow_Owner: root
+# R-204491 RHEL-07-021120
+rhel7STIG_stigrule_204491_Manage: True
+rhel7STIG_stigrule_204491__etc_cron_allow_Dest: /etc/cron.allow
+rhel7STIG_stigrule_204491__etc_cron_allow_Group: root
+# R-204492 RHEL-07-021300
+# If kernel core dumps are required, document the need with the ISSO.
+rhel7STIG_stigrule_204492_Manage: True
+rhel7STIG_stigrule_204492_kdump_disable_Enabled: no
+rhel7STIG_stigrule_204492_kdump_stop_State: stopped
+# R-204496 RHEL-07-021340
+rhel7STIG_stigrule_204496_Manage: True
+rhel7STIG_stigrule_204496_tmp_mount_Enabled: yes
+# R-204502 RHEL-07-021710
+rhel7STIG_stigrule_204502_Manage: True
+rhel7STIG_stigrule_204502_telnet_server_State: removed
+# R-204503 RHEL-07-030000
+rhel7STIG_stigrule_204503_Manage: True
+rhel7STIG_stigrule_204503_auditd_enable_Enabled: yes
+rhel7STIG_stigrule_204503_auditd_start_State: started
+# R-204504 RHEL-07-030010
+rhel7STIG_stigrule_204504_Manage: True
+rhel7STIG_stigrule_204504__etc_audit_rules_d_audit_rules_critical_error_Line: '-f 2'
+# R-204506 RHEL-07-030201
+rhel7STIG_stigrule_204506_Manage: True
+rhel7STIG_stigrule_204506__etc_audisp_plugins_d_au_remote_conf_direction_Line: 'direction = out'
+rhel7STIG_stigrule_204506__etc_audisp_plugins_d_au_remote_conf_path_Line: 'path = /sbin/audisp-remote'
+rhel7STIG_stigrule_204506__etc_audisp_plugins_d_au_remote_conf_type_Line: 'type = always'
+# R-204507 RHEL-07-030210
+rhel7STIG_stigrule_204507_Manage: True
+rhel7STIG_stigrule_204507__etc_audisp_audispd_conf_Line: 'overflow_action = syslog'
+# R-204508 RHEL-07-030211
+rhel7STIG_stigrule_204508_Manage: True
+rhel7STIG_stigrule_204508__etc_audisp_audispd_conf_Line: 'name_format = hostname'
+# R-204509 RHEL-07-030300
+# Ensure to set the IP address of the log aggregation server.
+rhel7STIG_stigrule_204509_Manage: False
+rhel7STIG_stigrule_204509__etc_audisp_audisp_remote_conf_Line: 'remote_server = 192.0.2.255'
+# R-204510 RHEL-07-030310
+# Ensure to set the IP address of the log aggregation server.
+rhel7STIG_stigrule_204510_Manage: True
+rhel7STIG_stigrule_204510__etc_audisp_audisp_remote_conf_Line: 'enable_krb5 = yes'
+# R-204511 RHEL-07-030320
+rhel7STIG_stigrule_204511_Manage: True
+rhel7STIG_stigrule_204511__etc_audisp_audisp_remote_conf_Line: 'disk_full_action = single'
+# R-204512 RHEL-07-030321
+rhel7STIG_stigrule_204512_Manage: True
+rhel7STIG_stigrule_204512__etc_audisp_audisp_remote_conf_Line: 'network_failure_action = syslog'
+# R-204514 RHEL-07-030340
+rhel7STIG_stigrule_204514_Manage: True
+rhel7STIG_stigrule_204514__etc_audit_auditd_conf_Line: 'space_left_action = email'
+# R-204515 RHEL-07-030350
+rhel7STIG_stigrule_204515_Manage: True
+rhel7STIG_stigrule_204515__etc_audit_auditd_conf_Line: 'action_mail_acct = root'
+# R-204516 RHEL-07-030360
+rhel7STIG_stigrule_204516_Manage: True
+rhel7STIG_stigrule_204516__etc_audit_rules_d_audit_rules_euid_b32_Line: '-a always,exit -F arch=b32 -S execve -C uid!=euid -F euid=0 -k setuid'
+rhel7STIG_stigrule_204516__etc_audit_rules_d_audit_rules_euid_b64_Line: '-a always,exit -F arch=b64 -S execve -C uid!=euid -F euid=0 -k setuid'
+rhel7STIG_stigrule_204516__etc_audit_rules_d_audit_rules_egid_b32_Line: '-a always,exit -F arch=b32 -S execve -C gid!=egid -F egid=0 -k setgid'
+rhel7STIG_stigrule_204516__etc_audit_rules_d_audit_rules_egid_b64_Line: '-a always,exit -F arch=b64 -S execve -C gid!=egid -F egid=0 -k setgid'
+# R-204517 RHEL-07-030370
+rhel7STIG_stigrule_204517_Manage: True
+rhel7STIG_stigrule_204517__etc_audit_rules_d_audit_rules_b32_Line: '-a always,exit -F arch=b32 -S chown,fchown,fchownat,lchown -F auid>=1000 -F auid!=unset -k perm_mod'
+rhel7STIG_stigrule_204517__etc_audit_rules_d_audit_rules_b64_Line: '-a always,exit -F arch=b64 -S chown,fchown,fchownat,lchown -F auid>=1000 -F auid!=unset -k perm_mod'
+# R-204521 RHEL-07-030410
+rhel7STIG_stigrule_204521_Manage: True
+rhel7STIG_stigrule_204521__etc_audit_rules_d_audit_rules_b32_Line: '-a always,exit -F arch=b32 -S chmod,fchmod,fchmodat -F auid>=1000 -F auid!=unset -k perm_mod'
+rhel7STIG_stigrule_204521__etc_audit_rules_d_audit_rules_b64_Line: '-a always,exit -F arch=b64 -S chmod,fchmod,fchmodat -F auid>=1000 -F auid!=unset -k perm_mod'
+# R-204524 RHEL-07-030440
+rhel7STIG_stigrule_204524_Manage: True
+rhel7STIG_stigrule_204524__etc_audit_rules_d_audit_rules_b32_Line: '-a always,exit -F arch=b32 -S setxattr,fsetxattr,lsetxattr,removexattr,fremovexattr,lremovexattr -F auid>=1000 -F auid!=unset -k perm_mod'
+rhel7STIG_stigrule_204524__etc_audit_rules_d_audit_rules_b64_Line: '-a always,exit -F arch=b64 -S setxattr,fsetxattr,lsetxattr,removexattr,fremovexattr,lremovexattr -F auid>=1000 -F auid!=unset -k perm_mod'
+# R-204531 RHEL-07-030510
+rhel7STIG_stigrule_204531_Manage: True
+rhel7STIG_stigrule_204531__etc_audit_rules_d_audit_rules_EPERM_b32_Line: '-a always,exit -F arch=b32 -S creat,open,openat,open_by_handle_at,truncate,ftruncate -F exit=-EPERM -F auid>=1000 -F auid!=unset -k access'
+rhel7STIG_stigrule_204531__etc_audit_rules_d_audit_rules_EPERM_b64_Line: '-a always,exit -F arch=b64 -S creat,open,openat,open_by_handle_at,truncate,ftruncate -F exit=-EPERM -F auid>=1000 -F auid!=unset -k access'
+rhel7STIG_stigrule_204531__etc_audit_rules_d_audit_rules_EACCES_b32_Line: '-a always,exit -F arch=b32 -S creat,open,openat,open_by_handle_at,truncate,ftruncate -F exit=-EACCES -F auid>=1000 -F auid!=unset -k access'
+rhel7STIG_stigrule_204531__etc_audit_rules_d_audit_rules_EACCES_b64_Line: '-a always,exit -F arch=b64 -S creat,open,openat,open_by_handle_at,truncate,ftruncate -F exit=-EACCES -F auid>=1000 -F auid!=unset -k access'
+# R-204536 RHEL-07-030560
+rhel7STIG_stigrule_204536_Manage: True
+rhel7STIG_stigrule_204536__etc_audit_rules_d_audit_rules_Line: '-a always,exit -F path=/usr/sbin/semanage -F auid>=1000 -F auid!=4294967295 -k privileged-priv_change'
+# R-204537 RHEL-07-030570
+rhel7STIG_stigrule_204537_Manage: True
+rhel7STIG_stigrule_204537__etc_audit_rules_d_audit_rules_Line: '-a always,exit -F path=/usr/sbin/setsebool -F auid>=1000 -F auid!=4294967295 -k privileged-priv_change'
+# R-204538 RHEL-07-030580
+rhel7STIG_stigrule_204538_Manage: True
+rhel7STIG_stigrule_204538__etc_audit_rules_d_audit_rules_Line: '-a always,exit -F path=/usr/bin/chcon -F auid>=1000 -F auid!=4294967295 -k privileged-priv_change'
+# R-204539 RHEL-07-030590
+rhel7STIG_stigrule_204539_Manage: True
+rhel7STIG_stigrule_204539__etc_audit_rules_d_audit_rules_Line: '-a always,exit -F path=/usr/sbin/setfiles -F auid>=1000 -F auid!=4294967295 -k privileged-priv_change'
+# R-204540 RHEL-07-030610
+rhel7STIG_stigrule_204540_Manage: True
+rhel7STIG_stigrule_204540__etc_audit_rules_d_audit_rules_Line: '-w /var/run/faillock -p wa -k logins'
+# R-204541 RHEL-07-030620
+rhel7STIG_stigrule_204541_Manage: True
+rhel7STIG_stigrule_204541__etc_audit_rules_d_audit_rules_Line: '-w /var/log/lastlog -p wa -k logins'
+# R-204542 RHEL-07-030630
+rhel7STIG_stigrule_204542_Manage: True
+rhel7STIG_stigrule_204542__etc_audit_rules_d_audit_rules_Line: '-a always,exit -F path=/usr/bin/passwd -F auid>=1000 -F auid!=4294967295 -k privileged-passwd'
+# R-204543 RHEL-07-030640
+rhel7STIG_stigrule_204543_Manage: True
+rhel7STIG_stigrule_204543__etc_audit_rules_d_audit_rules_Line: '-a always,exit -F path=/usr/sbin/unix_chkpwd -F auid>=1000 -F auid!=4294967295 -k privileged-passwd'
+# R-204544 RHEL-07-030650
+rhel7STIG_stigrule_204544_Manage: True
+rhel7STIG_stigrule_204544__etc_audit_rules_d_audit_rules_Line: '-a always,exit -F path=/usr/bin/gpasswd -F auid>=1000 -F auid!=4294967295 -k privileged-passwd'
+# R-204545 RHEL-07-030660
+rhel7STIG_stigrule_204545_Manage: True
+rhel7STIG_stigrule_204545__etc_audit_rules_d_audit_rules_Line: '-a always,exit -F path=/usr/bin/chage -F auid>=1000 -F auid!=4294967295 -k privileged-passwd'
+# R-204546 RHEL-07-030670
+rhel7STIG_stigrule_204546_Manage: True
+rhel7STIG_stigrule_204546__etc_audit_rules_d_audit_rules_Line: '-a always,exit -F path=/usr/sbin/userhelper -F auid>=1000 -F auid!=4294967295 -k privileged-passwd'
+# R-204547 RHEL-07-030680
+rhel7STIG_stigrule_204547_Manage: True
+rhel7STIG_stigrule_204547__etc_audit_rules_d_audit_rules_Line: '-a always,exit -F path=/usr/bin/su -F auid>=1000 -F auid!=4294967295 -k privileged-priv_change'
+# R-204548 RHEL-07-030690
+rhel7STIG_stigrule_204548_Manage: True
+rhel7STIG_stigrule_204548__etc_audit_rules_d_audit_rules_Line: '-a always,exit -F path=/usr/bin/sudo -F auid>=1000 -F auid!=4294967295 -k privileged-priv_change'
+# R-204549 RHEL-07-030700
+rhel7STIG_stigrule_204549_Manage: True
+rhel7STIG_stigrule_204549__etc_audit_rules_d_audit_rules_sudoers_Line: '-w /etc/sudoers -p wa -k privileged-actions'
+rhel7STIG_stigrule_204549__etc_audit_rules_d_audit_rules_sudoers_d_Line: '-w /etc/sudoers.d/ -p wa -k privileged-actions'
+# R-204550 RHEL-07-030710
+rhel7STIG_stigrule_204550_Manage: True
+rhel7STIG_stigrule_204550__etc_audit_rules_d_audit_rules_Line: '-a always,exit -F path=/usr/bin/newgrp -F auid>=1000 -F auid!=4294967295 -k privileged-priv_change'
+# R-204551 RHEL-07-030720
+rhel7STIG_stigrule_204551_Manage: True
+rhel7STIG_stigrule_204551__etc_audit_rules_d_audit_rules_Line: '-a always,exit -F path=/usr/bin/chsh -F auid>=1000 -F auid!=4294967295 -k privileged-priv_change'
+# R-204552 RHEL-07-030740
+rhel7STIG_stigrule_204552_Manage: True
+rhel7STIG_stigrule_204552__etc_audit_rules_d_audit_rules_mount_b32_Line: '-a always,exit -F arch=b32 -S mount -F auid>=1000 -F auid!=4294967295 -k privileged-mount'
+rhel7STIG_stigrule_204552__etc_audit_rules_d_audit_rules_mount_b64_Line: '-a always,exit -F arch=b64 -S mount -F auid>=1000 -F auid!=4294967295 -k privileged-mount'
+rhel7STIG_stigrule_204552__etc_audit_rules_d_audit_rules__usr_bin_mount_Line: '-a always,exit -F path=/usr/bin/mount -F auid>=1000 -F auid!=4294967295 -k privileged-mount'
+# R-204553 RHEL-07-030750
+rhel7STIG_stigrule_204553_Manage: True
+rhel7STIG_stigrule_204553__etc_audit_rules_d_audit_rules_Line: '-a always,exit -F path=/bin/umount -F auid>=1000 -F auid!=4294967295 -k privileged-mount'
+# R-204554 RHEL-07-030760
+rhel7STIG_stigrule_204554_Manage: True
+rhel7STIG_stigrule_204554__etc_audit_rules_d_audit_rules_Line: '-a always,exit -F path=/usr/sbin/postdrop -F auid>=1000 -F auid!=4294967295 -k privileged-postfix'
+# R-204555 RHEL-07-030770
+rhel7STIG_stigrule_204555_Manage: True
+rhel7STIG_stigrule_204555__etc_audit_rules_d_audit_rules_Line: '-a always,exit -F path=/usr/sbin/postqueue -F auid>=1000 -F auid!=4294967295 -k privileged-postfix'
+# R-204556 RHEL-07-030780
+rhel7STIG_stigrule_204556_Manage: True
+rhel7STIG_stigrule_204556__etc_audit_rules_d_audit_rules_Line: '-a always,exit -F path=/usr/libexec/openssh/ssh-keysign -F auid>=1000 -F auid!=4294967295 -k privileged-ssh'
+# R-204557 RHEL-07-030800
+rhel7STIG_stigrule_204557_Manage: True
+rhel7STIG_stigrule_204557__etc_audit_rules_d_audit_rules_Line: '-a always,exit -F path=/usr/bin/crontab -F auid>=1000 -F auid!=4294967295 -k privileged-cron'
+# R-204558 RHEL-07-030810
+rhel7STIG_stigrule_204558_Manage: True
+rhel7STIG_stigrule_204558__etc_audit_rules_d_audit_rules_Line: '-a always,exit -F path=/usr/sbin/pam_timestamp_check -F auid>=1000 -F auid!=4294967295 -k privileged-pam'
+# R-204559 RHEL-07-030819
+rhel7STIG_stigrule_204559_Manage: True
+rhel7STIG_stigrule_204559__etc_audit_audit_rules_b32_Line: '-a always,exit -F arch=b32 -S create_module -k module-change'
+rhel7STIG_stigrule_204559__etc_audit_audit_rules_b64_Line: '-a always,exit -F arch=b64 -S create_module -k module-change'
+# R-204560 RHEL-07-030820
+rhel7STIG_stigrule_204560_Manage: True
+rhel7STIG_stigrule_204560__etc_audit_rules_d_audit_rules_b32_Line: '-a always,exit -F arch=b32 -S init_module,finit_module -k modulechange'
+rhel7STIG_stigrule_204560__etc_audit_rules_d_audit_rules_b64_Line: '-a always,exit -F arch=b64 -S init_module,finit_module -k modulechange'
+# R-204562 RHEL-07-030830
+rhel7STIG_stigrule_204562_Manage: True
+rhel7STIG_stigrule_204562__etc_audit_rules_d_audit_rules_b32_Line: '-a always,exit -F arch=b32 -S delete_module -k module-change'
+rhel7STIG_stigrule_204562__etc_audit_rules_d_audit_rules_b64_Line: '-a always,exit -F arch=b64 -S delete_module -k module-change'
+# R-204563 RHEL-07-030840
+rhel7STIG_stigrule_204563_Manage: True
+rhel7STIG_stigrule_204563__etc_audit_rules_d_audit_rules_Line: '-a always,exit -F path=/usr/bin/kmod -F perm=x -F auid>=1000 -F auid!=unset -k modules'
+# R-204564 RHEL-07-030870
+rhel7STIG_stigrule_204564_Manage: True
+rhel7STIG_stigrule_204564__etc_audit_rules_d_audit_rules_Line: '-w /etc/passwd -p wa -k identity'
+# R-204565 RHEL-07-030871
+rhel7STIG_stigrule_204565_Manage: True
+rhel7STIG_stigrule_204565__etc_audit_audit_rules_Line: '-w /etc/group -p wa -k identity'
+# R-204566 RHEL-07-030872
+rhel7STIG_stigrule_204566_Manage: True
+rhel7STIG_stigrule_204566__etc_audit_audit_rules_Line: '-w /etc/gshadow -p wa -k identity'
+# R-204567 RHEL-07-030873
+rhel7STIG_stigrule_204567_Manage: True
+rhel7STIG_stigrule_204567__etc_audit_audit_rules_Line: '-w /etc/shadow -p wa -k identity'
+# R-204568 RHEL-07-030874
+rhel7STIG_stigrule_204568_Manage: True
+rhel7STIG_stigrule_204568__etc_audit_audit_rules_Line: '-w /etc/security/opasswd -p wa -k identity'
+# R-204572 RHEL-07-030910
+rhel7STIG_stigrule_204572_Manage: True
+rhel7STIG_stigrule_204572__etc_audit_rules_d_audit_rules_b32_Line: '-a always,exit -F arch=b32 -S unlink,unlinkat,rename,renameat,rmdir -F auid>=1000 -F auid!=unset -k delete'
+rhel7STIG_stigrule_204572__etc_audit_rules_d_audit_rules_b64_Line: '-a always,exit -F arch=b64 -S unlink,unlinkat,rename,renameat,rmdir -F auid>=1000 -F auid!=unset -k delete'
+# R-204576 RHEL-07-040000
+rhel7STIG_stigrule_204576_Manage: True
+rhel7STIG_stigrule_204576__etc_security_limits_conf_Line: '* hard maxlogins 10'
+# R-204578 RHEL-07-040110
+rhel7STIG_stigrule_204578_Manage: True
+rhel7STIG_stigrule_204578_Ciphers_Line: Ciphers aes256-ctr,aes192-ctr,aes128-ctr
+# R-204579 RHEL-07-040160
+rhel7STIG_stigrule_204579_Manage: True
+rhel7STIG_stigrule_204579__etc_profile_d_tmout_sh_Dest: /etc/profile.d/tmout.sh
+rhel7STIG_stigrule_204579__etc_profile_d_tmout_sh_Content: '#!/bin/bash
+
+
+
+declare -xr TMOUT=900'
+# R-204580 RHEL-07-040170
+rhel7STIG_stigrule_204580_Manage: True
+rhel7STIG_stigrule_204580_banner_Line: banner /etc/issue
+# R-204584 RHEL-07-040201
+rhel7STIG_stigrule_204584_Manage: True
+rhel7STIG_stigrule_204584_kernel_randomize_va_space_Value: 2
+# R-204585 RHEL-07-040300
+rhel7STIG_stigrule_204585_Manage: True
+rhel7STIG_stigrule_204585_openssh_clients_x86_64_State: installed
+rhel7STIG_stigrule_204585_openssh_server_x86_64_State: installed
+# R-204586 RHEL-07-040310
+rhel7STIG_stigrule_204586_Manage: True
+rhel7STIG_stigrule_204586_sshd_enable_Enabled: yes
+rhel7STIG_stigrule_204586_sshd_start_State: started
+# R-204587 RHEL-07-040320
+rhel7STIG_stigrule_204587_Manage: True
+rhel7STIG_stigrule_204587_ClientAliveInterval_Line: ClientAliveInterval 600
+# R-204588 RHEL-07-040330
+rhel7STIG_stigrule_204588_Manage: True
+rhel7STIG_stigrule_204588_RhostsRSAAuthentication_Line: RhostsRSAAuthentication no
+# R-204589 RHEL-07-040340
+rhel7STIG_stigrule_204589_Manage: True
+rhel7STIG_stigrule_204589_ClientAliveCountMax_Line: ClientAliveCountMax 0
+# R-204590 RHEL-07-040350
+rhel7STIG_stigrule_204590_Manage: True
+rhel7STIG_stigrule_204590_IgnoreRhosts_Line: IgnoreRhosts yes
+# R-204591 RHEL-07-040360
+rhel7STIG_stigrule_204591_Manage: True
+rhel7STIG_stigrule_204591_PrintLastLog_Line: PrintLastLog yes
+# R-204592 RHEL-07-040370
+rhel7STIG_stigrule_204592_Manage: True
+rhel7STIG_stigrule_204592_PermitRootLogin_Line: PermitRootLogin no
+# R-204593 RHEL-07-040380
+rhel7STIG_stigrule_204593_Manage: True
+rhel7STIG_stigrule_204593_IgnoreUserKnownHosts_Line: IgnoreUserKnownHosts yes
+# R-204594 RHEL-07-040390
+rhel7STIG_stigrule_204594_Manage: True
+rhel7STIG_stigrule_204594_Protocol_Line: Protocol 2
+# R-204595 RHEL-07-040400
+rhel7STIG_stigrule_204595_Manage: True
+rhel7STIG_stigrule_204595_MACs_Line: MACs hmac-sha2-512,hmac-sha2-256
+# R-204598 RHEL-07-040430
+rhel7STIG_stigrule_204598_Manage: True
+rhel7STIG_stigrule_204598_GSSAPIAuthentication_Line: GSSAPIAuthentication no
+# R-204599 RHEL-07-040440
+rhel7STIG_stigrule_204599_Manage: True
+rhel7STIG_stigrule_204599_KerberosAuthentication_Line: KerberosAuthentication no
+# R-204600 RHEL-07-040450
+rhel7STIG_stigrule_204600_Manage: True
+rhel7STIG_stigrule_204600_StrictModes_Line: StrictModes yes
+# R-204601 RHEL-07-040460
+rhel7STIG_stigrule_204601_Manage: True
+rhel7STIG_stigrule_204601_UsePrivilegeSeparation_Line: UsePrivilegeSeparation sandbox
+# R-204602 RHEL-07-040470
+rhel7STIG_stigrule_204602_Manage: True
+rhel7STIG_stigrule_204602_Compression_Line: Compression no
+# R-204604 RHEL-07-040520
+rhel7STIG_stigrule_204604_Manage: True
+rhel7STIG_stigrule_204604_firewalld_service_State: installed
+rhel7STIG_stigrule_204604_firewalld_active_Enabled: yes
+rhel7STIG_stigrule_204604_firewalld_start_State: started
+# R-204609 RHEL-07-040610
+rhel7STIG_stigrule_204609_Manage: True
+rhel7STIG_stigrule_204609_net_ipv4_conf_all_accept_source_route_Value: 0
+# R-204610 RHEL-07-040611
+rhel7STIG_stigrule_204610_Manage: True
+rhel7STIG_stigrule_204610_net_ipv4_conf_all_rp_filter_Value: 1
+rhel7STIG_stigrule_204610_net_ipv4_conf_default_rp_filter_Value: 1
+# R-204612 RHEL-07-040620
+rhel7STIG_stigrule_204612_Manage: True
+rhel7STIG_stigrule_204612_net_ipv4_conf_default_accept_source_route_Value: 0
+# R-204613 RHEL-07-040630
+rhel7STIG_stigrule_204613_Manage: True
+rhel7STIG_stigrule_204613_net_ipv4_icmp_echo_ignore_broadcasts_Value: 1
+# R-204614 RHEL-07-040640
+rhel7STIG_stigrule_204614_Manage: True
+rhel7STIG_stigrule_204614_net_ipv4_conf_default_accept_redirects_Value: 0
+# R-204615 RHEL-07-040641
+rhel7STIG_stigrule_204615_Manage: True
+rhel7STIG_stigrule_204615_net_ipv4_conf_all_accept_redirects_Value: 0
+# R-204616 RHEL-07-040650
+rhel7STIG_stigrule_204616_Manage: True
+rhel7STIG_stigrule_204616_net_ipv4_conf_default_send_redirects_Value: 0
+# R-204617 RHEL-07-040660
+rhel7STIG_stigrule_204617_Manage: True
+rhel7STIG_stigrule_204617_net_ipv4_conf_all_send_redirects_Value: 0
+# R-204619 RHEL-07-040680
+rhel7STIG_stigrule_204619_Manage: True
+rhel7STIG_stigrule_204619_postconf__e__smtpd_client_restrictions___permit_mynetworks_reject__Command: postconf -e 'smtpd_client_restrictions = permit_mynetworks,reject'
+# R-204620 RHEL-07-040690
+rhel7STIG_stigrule_204620_Manage: True
+rhel7STIG_stigrule_204620_vsftpd_State: removed
+# R-204621 RHEL-07-040700
+rhel7STIG_stigrule_204621_Manage: True
+rhel7STIG_stigrule_204621_tftp_server_State: removed
+# R-204622 RHEL-07-040710
+rhel7STIG_stigrule_204622_Manage: True
+rhel7STIG_stigrule_204622_X11Forwarding_Line: X11Forwarding no
+# R-204624 RHEL-07-040730
+# Document the requirement for an X Windows server with the ISSO or remove.
+rhel7STIG_stigrule_204624_Manage: False
+rhel7STIG_stigrule_204624_xorg_x11_server_common_State: removed
+# R-204625 RHEL-07-040740
+rhel7STIG_stigrule_204625_Manage: True
+rhel7STIG_stigrule_204625_net_ipv4_ip_forward_Value: 0
+# R-204630 RHEL-07-040830
+rhel7STIG_stigrule_204630_Manage: True
+rhel7STIG_stigrule_204630_net_ipv6_conf_all_accept_source_route_Value: 0
+# R-204631 RHEL-07-041001
+rhel7STIG_stigrule_204631_Manage: True
+rhel7STIG_stigrule_204631_pam_pkcs11_State: installed
+# R-204634 RHEL-07-041010
+rhel7STIG_stigrule_204634_Manage: True
+rhel7STIG_stigrule_204634_nmcli_radio_wifi_off_Command: nmcli radio wifi off
+# R-214937 RHEL-07-010062
+rhel7STIG_stigrule_214937_Manage: True
+rhel7STIG_stigrule_214937__etc_dconf_db_local_d_locks_session_Line: '/org/gnome/desktop/screensaver/lock-enabled'
+# R-233307 RHEL-07-040711
+rhel7STIG_stigrule_233307_Manage: True
+rhel7STIG_stigrule_233307_X11UseLocalhost_Line: X11UseLocalhost yes
--- a/collections/ansible_collections/demo/compliance/roles/rhel7STIG/files/U_RHEL_7_STIG_V3R10_Manual-xccdf.xml
+++ b/collections/ansible_collections/demo/compliance/roles/rhel7STIG/files/U_RHEL_7_STIG_V3R10_Manual-xccdf.xml
--- a/collections/ansible_collections/demo/compliance/roles/rhel7STIG/handlers/main.yml
+++ b/collections/ansible_collections/demo/compliance/roles/rhel7STIG/handlers/main.yml
@@ -0,0 +1,11 @@
+- name: dconf_update
+  command: dconf update
+- name: auditd_restart
+  command: /usr/sbin/service auditd restart
+- name: ssh_restart
+  service:
+    name: sshd
+    state: restarted
+- name: do_reboot
+  reboot:
+    pre_reboot_delay: 60
--- a/collections/ansible_collections/demo/compliance/roles/rhel7STIG/tasks/main.yml
+++ b/collections/ansible_collections/demo/compliance/roles/rhel7STIG/tasks/main.yml
--- a/collections/ansible_collections/demo/compliance/roles/rhel8STIG/callback_plugins/stig_xml.py
+++ b/collections/ansible_collections/demo/compliance/roles/rhel8STIG/callback_plugins/stig_xml.py
@@ -0,0 +1,86 @@
+from __future__ import (absolute_import, division, print_function)
+__metaclass__ = type
+
+from ansible.plugins.callback import CallbackBase
+from time import gmtime, strftime
+import platform
+import tempfile
+import re
+import sys
+import os
+import xml.etree.ElementTree as ET
+import xml.dom.minidom
+
+class CallbackModule(CallbackBase):
+    CALLBACK_VERSION = 2.0
+    CALLBACK_TYPE = 'xml'
+    CALLBACK_NAME = 'stig_xml'
+
+    CALLBACK_NEEDS_WHITELIST = True
+
+    def _get_STIG_path(self):
+        cwd = os.path.abspath('.')
+        for dirpath, dirs, files in os.walk(cwd):
+            if os.path.sep + 'files' in dirpath and '.xml' in files[0]:
+                return os.path.join(cwd, dirpath, files[0])
+
+    def __init__(self):
+        super(CallbackModule, self).__init__()
+        self.rules = {}
+        self.stig_path = os.environ.get('STIG_PATH')
+        self.XML_path = os.environ.get('XML_PATH')
+        if self.stig_path is None:
+            self.stig_path = self._get_STIG_path()
+        self._display.display('Using STIG_PATH: {}'.format(self.stig_path))
+        if self.XML_path is None:
+            self.XML_path = tempfile.mkdtemp() + "/xccdf-results.xml"
+        self._display.display('Using XML_PATH: {}'.format(self.XML_path))
+
+        print("Writing: {}".format(self.XML_path))
+        STIG_name = os.path.basename(self.stig_path)
+        ET.register_namespace('cdf', 'http://checklists.nist.gov/xccdf/1.2')
+        self.tr = ET.Element('{http://checklists.nist.gov/xccdf/1.2}TestResult')
+        self.tr.set('id', 'xccdf_mil.disa.stig_testresult_scap_mil.disa_comp_{}'.format(STIG_name))
+        endtime = strftime("%Y-%m-%dT%H:%M:%S", gmtime())
+        self.tr.set('end-time', endtime)
+        tg = ET.SubElement(self.tr, '{http://checklists.nist.gov/xccdf/1.2}target')
+        tg.text = platform.node()
+
+    def _get_rev(self, nid):
+        with open(self.stig_path, 'r') as f:
+            r = 'SV-{}r(?P<rev>\d+)_rule'.format(nid)
+            m = re.search(r, f.read())
+        if m:
+            rev = m.group('rev')
+        else:
+            rev = '0'
+        return rev
+
+    def v2_runner_on_ok(self, result):
+        name = result._task.get_name()
+        m = re.search('stigrule_(?P<id>\d+)', name)
+        if m:
+            nid = m.group('id')
+        else:
+            return
+        rev = self._get_rev(nid)
+        key = "{}r{}".format(nid, rev)
+        if self.rules.get(key, 'Unknown') != False:
+            self.rules[key] = result.is_changed()
+
+    def v2_playbook_on_stats(self, stats):
+        for rule, changed in self.rules.items():
+            state = 'fail' if changed else 'pass'
+            rr = ET.SubElement(self.tr, '{http://checklists.nist.gov/xccdf/1.2}rule-result')
+            rr.set('idref', 'xccdf_mil.disa.stig_rule_SV-{}_rule'.format(rule))
+            rs = ET.SubElement(rr, '{http://checklists.nist.gov/xccdf/1.2}result')
+            rs.text = state
+        passing = len(self.rules) - sum(self.rules.values())
+        sc = ET.SubElement(self.tr, '{http://checklists.nist.gov/xccdf/1.2}score')
+        sc.set('maximum', str(len(self.rules)))
+        sc.set('system', 'urn:xccdf:scoring:flat-unweighted')
+        sc.text = str(passing)
+        with open(self.XML_path, 'wb') as f:
+            out = ET.tostring(self.tr)
+            pretty = xml.dom.minidom.parseString(out).toprettyxml(encoding='utf-8')
+            f.write(pretty)
--- a/collections/ansible_collections/demo/compliance/roles/rhel8STIG/defaults/main.yml
+++ b/collections/ansible_collections/demo/compliance/roles/rhel8STIG/defaults/main.yml
@@ -0,0 +1,571 @@
+# R-230225 RHEL-08-010040
+rhel8STIG_stigrule_230225_Manage: True
+rhel8STIG_stigrule_230225_banner_Line: banner /etc/issue
+# R-230226 RHEL-08-010050
+rhel8STIG_stigrule_230226_Manage: True
+rhel8STIG_stigrule_230226__etc_dconf_db_local_d_01_banner_message_Value: '''You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only.\nBy using this IS (which includes any device attached to this IS), you consent to the following conditions:\n-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.\n-At any time, the USG may inspect and seize data stored on this IS.\n-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.\n-This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.\n-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.'''
+# R-230227 RHEL-08-010060
+rhel8STIG_stigrule_230227_Manage: True
+rhel8STIG_stigrule_230227__etc_issue_Dest: /etc/issue
+rhel8STIG_stigrule_230227__etc_issue_Content: 'You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only.
+
+By using this IS (which includes any device attached to this IS), you consent to the following conditions:
+
+-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.
+
+-At any time, the USG may inspect and seize data stored on this IS.
+
+-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.
+
+-This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.
+
+-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.
+
+'
+# R-230228 RHEL-08-010070
+rhel8STIG_stigrule_230228_Manage: True
+rhel8STIG_stigrule_230228__etc_rsyslog_conf_Line: 'auth.*;authpriv.*;daemon.* /var/log/secure'
+# R-230231 RHEL-08-010110
+rhel8STIG_stigrule_230231_Manage: True
+rhel8STIG_stigrule_230231__etc_login_defs_Line: 'ENCRYPT_METHOD SHA512'
+# R-230236 RHEL-08-010151
+rhel8STIG_stigrule_230236_Manage: True
+rhel8STIG_stigrule_230236__usr_lib_systemd_system_rescue_service_Value: '-/usr/lib/systemd/systemd-sulogin-shell rescue'
+# R-230239 RHEL-08-010162
+rhel8STIG_stigrule_230239_Manage: True
+rhel8STIG_stigrule_230239_krb5_workstation_State: removed
+# R-230240 RHEL-08-010170
+rhel8STIG_stigrule_230240_Manage: True
+rhel8STIG_stigrule_230240__etc_selinux_config_Line: 'SELINUX=enforcing'
+# R-230241 RHEL-08-010171
+rhel8STIG_stigrule_230241_Manage: True
+rhel8STIG_stigrule_230241_policycoreutils_State: installed
+# R-230244 RHEL-08-010200
+rhel8STIG_stigrule_230244_Manage: True
+rhel8STIG_stigrule_230244_ClientAliveCountMax_Line: ClientAliveCountMax 1
+# R-230252 RHEL-08-010291
+rhel8STIG_stigrule_230252_Manage: True
+rhel8STIG_stigrule_230252__etc_sysconfig_sshd_Line: '# CRYPTO_POLICY='
+# R-230255 RHEL-08-010294
+rhel8STIG_stigrule_230255_Manage: True
+rhel8STIG_stigrule_230255__etc_crypto_policies_back_ends_opensslcnf_config_Line: 'MinProtocol = TLSv1.2'
+# R-230256 RHEL-08-010295
+rhel8STIG_stigrule_230256_Manage: True
+rhel8STIG_stigrule_230256__etc_crypto_policies_back_ends_gnutls_config_Line: '+VERS-ALL:-VERS-DTLS0.9:-VERS-SSL3.0:-VERS-TLS1.0:-VERS-TLS1.1:-VERS-DTLS1.0'
+# R-230265 RHEL-08-010371
+rhel8STIG_stigrule_230265_Manage: True
+rhel8STIG_stigrule_230265__etc_dnf_dnf_conf_Value: '1'
+# R-230266 RHEL-08-010372
+rhel8STIG_stigrule_230266_Manage: True
+rhel8STIG_stigrule_230266__etc_sysctl_d_99_sysctl_conf_Line: 'kernel.kexec_load_disabled = 1'
+# R-230267 RHEL-08-010373
+rhel8STIG_stigrule_230267_Manage: True
+rhel8STIG_stigrule_230267__etc_sysctl_d_99_sysctl_conf_Line: 'fs.protected_symlinks = 1'
+# R-230268 RHEL-08-010374
+rhel8STIG_stigrule_230268_Manage: True
+rhel8STIG_stigrule_230268__etc_sysctl_d_99_sysctl_conf_Line: 'fs.protected_hardlinks = 1'
+# R-230269 RHEL-08-010375
+rhel8STIG_stigrule_230269_Manage: True
+rhel8STIG_stigrule_230269__etc_sysctl_d_99_sysctl_conf_Line: 'kernel.dmesg_restrict = 1'
+# R-230270 RHEL-08-010376
+rhel8STIG_stigrule_230270_Manage: True
+rhel8STIG_stigrule_230270__etc_sysctl_d_99_sysctl_conf_Line: 'kernel.perf_event_paranoid = 2'
+# R-230273 RHEL-08-010390
+rhel8STIG_stigrule_230273_Manage: True
+rhel8STIG_stigrule_230273_esc_State: installed
+rhel8STIG_stigrule_230273_openssl_pkcs11_State: installed
+# R-230275 RHEL-08-010410
+rhel8STIG_stigrule_230275_Manage: True
+rhel8STIG_stigrule_230275_opensc_State: installed
+# R-230280 RHEL-08-010430
+rhel8STIG_stigrule_230280_Manage: True
+rhel8STIG_stigrule_230280__etc_sysctl_d_99_sysctl_conf_Line: 'kernel.randomize_va_space = 2'
+# R-230281 RHEL-08-010440
+rhel8STIG_stigrule_230281_Manage: True
+rhel8STIG_stigrule_230281__etc_dnf_dnf_conf_Value: 'True'
+# R-230282 RHEL-08-010450
+rhel8STIG_stigrule_230282_Manage: True
+rhel8STIG_stigrule_230282__etc_selinux_config_Line: 'SELINUXTYPE=targeted'
+# R-230285 RHEL-08-010471
+rhel8STIG_stigrule_230285_Manage: True
+rhel8STIG_stigrule_230285_rngd_enable_Enabled: yes
+rhel8STIG_stigrule_230285_rngd_start_State: started
+# R-230288 RHEL-08-010500
+rhel8STIG_stigrule_230288_Manage: True
+rhel8STIG_stigrule_230288_StrictModes_Line: StrictModes yes
+# R-230290 RHEL-08-010520
+rhel8STIG_stigrule_230290_Manage: True
+rhel8STIG_stigrule_230290_IgnoreUserKnownHosts_Line: IgnoreUserKnownHosts yes
+# R-230291 RHEL-08-010521
+rhel8STIG_stigrule_230291_Manage: True
+rhel8STIG_stigrule_230291_KerberosAuthentication_Line: KerberosAuthentication no
+# R-230296 RHEL-08-010550
+rhel8STIG_stigrule_230296_Manage: True
+rhel8STIG_stigrule_230296_PermitRootLogin_Line: PermitRootLogin no
+# R-230298 RHEL-08-010561
+rhel8STIG_stigrule_230298_Manage: True
+rhel8STIG_stigrule_230298_rsyslog_enable_Enabled: yes
+rhel8STIG_stigrule_230298_rsyslog_start_State: started
+# R-230310 RHEL-08-010670
+# If kernel core dumps are required, document the need with the ISSO.
+rhel8STIG_stigrule_230310_Manage: True
+rhel8STIG_stigrule_230310_kdump_disable_Enabled: no
+# R-230311 RHEL-08-010671
+rhel8STIG_stigrule_230311_Manage: True
+rhel8STIG_stigrule_230311__etc_sysctl_d_99_sysctl_conf_Line: 'kernel.core_pattern=|/bin/false'
+rhel8STIG_stigrule_230311_kernel_core_pattern_Value: '|/bin/false'
+# R-230313 RHEL-08-010673
+rhel8STIG_stigrule_230313_Manage: True
+rhel8STIG_stigrule_230313__etc_security_limits_conf_Line: '* hard core 0'
+# R-230314 RHEL-08-010674
+rhel8STIG_stigrule_230314_Manage: True
+rhel8STIG_stigrule_230314__etc_systemd_coredump_conf_Line: 'Storage=none'
+# R-230315 RHEL-08-010675
+rhel8STIG_stigrule_230315_Manage: True
+rhel8STIG_stigrule_230315__etc_systemd_coredump_conf_Line: 'ProcessSizeMax=0'
+# R-230324 RHEL-08-010760
+rhel8STIG_stigrule_230324_Manage: True
+rhel8STIG_stigrule_230324__etc_login_defs_Line: 'CREATE_HOME yes'
+# R-230329 RHEL-08-010820
+rhel8STIG_stigrule_230329_Manage: True
+rhel8STIG_stigrule_230329__etc_gdm_custom_conf_Value: 'false'
+# R-230330 RHEL-08-010830
+rhel8STIG_stigrule_230330_Manage: True
+rhel8STIG_stigrule_230330_PermitUserEnvironment_Line: PermitUserEnvironment no
+# R-230346 RHEL-08-020024
+rhel8STIG_stigrule_230346_Manage: True
+rhel8STIG_stigrule_230346__etc_security_limits_conf_Line: '* hard maxlogins 10'
+# R-230347 RHEL-08-020030
+rhel8STIG_stigrule_230347_Manage: True
+rhel8STIG_stigrule_230347__etc_dconf_db_local_d_00_screensaver_Value: 'true'
+# R-230348 RHEL-08-020040
+rhel8STIG_stigrule_230348_Manage: True
+rhel8STIG_stigrule_230348_ensure_tmux_is_installed_State: installed
+rhel8STIG_stigrule_230348__etc_tmux_conf_Line: 'set -g lock-command vlock'
+# R-230349 RHEL-08-020041
+rhel8STIG_stigrule_230349_Manage: True
+rhel8STIG_stigrule_230349__etc_bashrc_Line: '[ -n "$PS1" -a -z "$TMUX" ] && exec tmux'
+# R-230352 RHEL-08-020060
+rhel8STIG_stigrule_230352_Manage: True
+rhel8STIG_stigrule_230352__etc_dconf_db_local_d_00_screensaver_Value: 'uint32 900'
+# R-230353 RHEL-08-020070
+rhel8STIG_stigrule_230353_Manage: True
+rhel8STIG_stigrule_230353__etc_tmux_conf_Line: 'set -g lock-after-time 900'
+# R-230354 RHEL-08-020080
+rhel8STIG_stigrule_230354_Manage: True
+rhel8STIG_stigrule_230354__etc_dconf_db_local_d_locks_session_Line: '/org/gnome/desktop/screensaver/lock-delay'
+# R-230357 RHEL-08-020110
+rhel8STIG_stigrule_230357_Manage: True
+rhel8STIG_stigrule_230357__etc_security_pwquality_conf_Line: 'ucredit = -1'
+# R-230358 RHEL-08-020120
+rhel8STIG_stigrule_230358_Manage: True
+rhel8STIG_stigrule_230358__etc_security_pwquality_conf_Line: 'lcredit = -1'
+# R-230359 RHEL-08-020130
+rhel8STIG_stigrule_230359_Manage: True
+rhel8STIG_stigrule_230359__etc_security_pwquality_conf_Line: 'dcredit = -1'
+# R-230360 RHEL-08-020140
+rhel8STIG_stigrule_230360_Manage: True
+rhel8STIG_stigrule_230360__etc_security_pwquality_conf_Line: 'maxclassrepeat = 4'
+# R-230361 RHEL-08-020150
+rhel8STIG_stigrule_230361_Manage: True
+rhel8STIG_stigrule_230361__etc_security_pwquality_conf_Line: 'maxrepeat = 3'
+# R-230362 RHEL-08-020160
+rhel8STIG_stigrule_230362_Manage: True
+rhel8STIG_stigrule_230362__etc_security_pwquality_conf_Line: 'minclass = 4'
+# R-230363 RHEL-08-020170
+rhel8STIG_stigrule_230363_Manage: True
+rhel8STIG_stigrule_230363__etc_security_pwquality_conf_Line: 'difok = 8'
+# R-230365 RHEL-08-020190
+rhel8STIG_stigrule_230365_Manage: True
+rhel8STIG_stigrule_230365__etc_login_defs_Line: 'PASS_MIN_DAYS 1'
+# R-230366 RHEL-08-020200
+rhel8STIG_stigrule_230366_Manage: True
+rhel8STIG_stigrule_230366__etc_login_defs_Line: 'PASS_MAX_DAYS 60'
+# R-230369 RHEL-08-020230
+rhel8STIG_stigrule_230369_Manage: True
+rhel8STIG_stigrule_230369__etc_security_pwquality_conf_Line: 'minlen = 15'
+# R-230370 RHEL-08-020231
+rhel8STIG_stigrule_230370_Manage: True
+rhel8STIG_stigrule_230370__etc_login_defs_Line: 'PASS_MIN_LEN 15'
+# R-230375 RHEL-08-020280
+rhel8STIG_stigrule_230375_Manage: True
+rhel8STIG_stigrule_230375__etc_security_pwquality_conf_Line: 'ocredit = -1'
+# R-230377 RHEL-08-020300
+rhel8STIG_stigrule_230377_Manage: True
+rhel8STIG_stigrule_230377__etc_security_pwquality_conf_Line: 'dictcheck = 1'
+# R-230378 RHEL-08-020310
+rhel8STIG_stigrule_230378_Manage: True
+rhel8STIG_stigrule_230378__etc_login_defs_Line: 'FAIL_DELAY 4'
+# R-230382 RHEL-08-020350
+rhel8STIG_stigrule_230382_Manage: True
+rhel8STIG_stigrule_230382_PrintLastLog_Line: PrintLastLog yes
+# R-230383 RHEL-08-020351
+rhel8STIG_stigrule_230383_Manage: True
+rhel8STIG_stigrule_230383__etc_login_defs_Line: 'UMASK 077'
+# R-230386 RHEL-08-030000
+rhel8STIG_stigrule_230386_Manage: True
+rhel8STIG_stigrule_230386__etc_audit_rules_d_audit_rules_execve_euid_b32_Line: '-a always,exit -F arch=b32 -S execve -C uid!=euid -F euid=0 -k execpriv'
+rhel8STIG_stigrule_230386__etc_audit_rules_d_audit_rules_execve_euid_b64_Line: '-a always,exit -F arch=b64 -S execve -C uid!=euid -F euid=0 -k execpriv'
+rhel8STIG_stigrule_230386__etc_audit_rules_d_audit_rules_execve_egid_b32_Line: '-a always,exit -F arch=b32 -S execve -C gid!=egid -F egid=0 -k execpriv'
+rhel8STIG_stigrule_230386__etc_audit_rules_d_audit_rules_execve_egid_b64_Line: '-a always,exit -F arch=b64 -S execve -C gid!=egid -F egid=0 -k execpriv'
+# R-230387 RHEL-08-030010
+rhel8STIG_stigrule_230387_Manage: True
+rhel8STIG_stigrule_230387__etc_rsyslog_conf_Line: 'cron.* /var/log/cron'
+# R-230388 RHEL-08-030020
+rhel8STIG_stigrule_230388_Manage: True
+rhel8STIG_stigrule_230388__etc_audit_auditd_conf_Line: 'action_mail_acct = root'
+# R-230389 RHEL-08-030030
+rhel8STIG_stigrule_230389_Manage: True
+rhel8STIG_stigrule_230389__etc_aliases_Line: 'postmaster: root'
+# R-230390 RHEL-08-030040
+rhel8STIG_stigrule_230390_Manage: True
+rhel8STIG_stigrule_230390__etc_audit_auditd_conf_Line: 'disk_error_action = HALT'
+# R-230392 RHEL-08-030060
+rhel8STIG_stigrule_230392_Manage: True
+rhel8STIG_stigrule_230392__etc_audit_auditd_conf_Line: 'disk_full_action = HALT'
+# R-230393 RHEL-08-030061
+rhel8STIG_stigrule_230393_Manage: True
+rhel8STIG_stigrule_230393__etc_audit_auditd_conf_Line: 'local_events = yes'
+# R-230394 RHEL-08-030062
+rhel8STIG_stigrule_230394_Manage: True
+rhel8STIG_stigrule_230394__etc_audit_auditd_conf_Line: 'name_format = hostname'
+# R-230395 RHEL-08-030063
+rhel8STIG_stigrule_230395_Manage: True
+rhel8STIG_stigrule_230395__etc_audit_auditd_conf_Line: 'log_format = ENRICHED'
+# R-230396 RHEL-08-030070
+rhel8STIG_stigrule_230396_Manage: True
+rhel8STIG_stigrule_230396__etc_audit_auditd_conf_Line: 'log_group = root'
+# R-230398 RHEL-08-030090
+# A duplicate of 230396
+# duplicate of 230396
+# R-230402 RHEL-08-030121
+rhel8STIG_stigrule_230402_Manage: True
+rhel8STIG_stigrule_230402__etc_audit_rules_d_audit_rules_e2_Line: '-e 2'
+# R-230403 RHEL-08-030122
+rhel8STIG_stigrule_230403_Manage: True
+rhel8STIG_stigrule_230403__etc_audit_rules_d_audit_rules_loginuid_immutable_Line: '--loginuid-immutable'
+# R-230404 RHEL-08-030130
+rhel8STIG_stigrule_230404_Manage: True
+rhel8STIG_stigrule_230404__etc_audit_rules_d_audit_rules__etc_shadow_Line: '-w /etc/shadow -p wa -k identity'
+# R-230405 RHEL-08-030140
+rhel8STIG_stigrule_230405_Manage: True
+rhel8STIG_stigrule_230405__etc_audit_rules_d_audit_rules__etc_security_opasswd_Line: '-w /etc/security/opasswd -p wa -k identity'
+# R-230406 RHEL-08-030150
+rhel8STIG_stigrule_230406_Manage: True
+rhel8STIG_stigrule_230406__etc_audit_rules_d_audit_rules__etc_passwd_Line: '-w /etc/passwd -p wa -k identity'
+# R-230407 RHEL-08-030160
+rhel8STIG_stigrule_230407_Manage: True
+rhel8STIG_stigrule_230407__etc_audit_rules_d_audit_rules__etc_gshadow_Line: '-w /etc/gshadow -p wa -k identity'
+# R-230408 RHEL-08-030170
+rhel8STIG_stigrule_230408_Manage: True
+rhel8STIG_stigrule_230408__etc_audit_rules_d_audit_rules__etc_group_Line: '-w /etc/group -p wa -k identity'
+# R-230409 RHEL-08-030171
+rhel8STIG_stigrule_230409_Manage: True
+rhel8STIG_stigrule_230409__etc_audit_rules_d_audit_rules__etc_sudoers_Line: '-w /etc/sudoers -p wa -k identity'
+# R-230410 RHEL-08-030172
+rhel8STIG_stigrule_230410_Manage: True
+rhel8STIG_stigrule_230410__etc_audit_rules_d_audit_rules__etc_sudoers_d__Line: '-w /etc/sudoers.d/ -p wa -k identity'
+# R-230411 RHEL-08-030180
+rhel8STIG_stigrule_230411_Manage: True
+rhel8STIG_stigrule_230411_audit_State: installed
+# R-230412 RHEL-08-030190
+rhel8STIG_stigrule_230412_Manage: True
+rhel8STIG_stigrule_230412__etc_audit_rules_d_audit_rules__usr_bin_su_Line: '-a always,exit -F path=/usr/bin/su -F perm=x -F auid>=1000 -F auid!=unset -k privileged-priv_change'
+# R-230413 RHEL-08-030200
+rhel8STIG_stigrule_230413_Manage: True
+rhel8STIG_stigrule_230413__etc_audit_rules_d_audit_rules_lremovexattr_b32_unset_Line: '-a always,exit -F arch=b32 -S setxattr,fsetxattr,lsetxattr,removexattr,fremovexattr,lremovexattr -F auid>=1000 -F auid!=unset -k perm_mod'
+rhel8STIG_stigrule_230413__etc_audit_rules_d_audit_rules_lremovexattr_b64_unset_Line: '-a always,exit -F arch=b64 -S setxattr,fsetxattr,lsetxattr,removexattr,fremovexattr,lremovexattr -F auid>=1000 -F auid!=unset -k perm_mod'
+rhel8STIG_stigrule_230413__etc_audit_rules_d_audit_rules_lremovexattr_b32_Line: '-a always,exit -F arch=b32 -S setxattr,fsetxattr,lsetxattr,removexattr,fremovexattr,lremovexattr -F auid=0 -k perm_mod'
+rhel8STIG_stigrule_230413__etc_audit_rules_d_audit_rules_lremovexattr_b64_Line: '-a always,exit -F arch=b64 -S setxattr,fsetxattr,lsetxattr,removexattr,fremovexattr,lremovexattr -F auid=0 -k perm_mod'
+# R-230418 RHEL-08-030250
+rhel8STIG_stigrule_230418_Manage: True
+rhel8STIG_stigrule_230418__etc_audit_rules_d_audit_rules__usr_bin_chage_Line: '-a always,exit -F path=/usr/bin/chage -F perm=x -F auid>=1000 -F auid!=unset -k privileged-chage'
+# R-230419 RHEL-08-030260
+rhel8STIG_stigrule_230419_Manage: True
+rhel8STIG_stigrule_230419__etc_audit_rules_d_audit_rules__usr_bin_chcon_Line: '-a always,exit -F path=/usr/bin/chcon -F perm=x -F auid>=1000 -F auid!=unset -k perm_mod'
+# R-230421 RHEL-08-030280
+rhel8STIG_stigrule_230421_Manage: True
+rhel8STIG_stigrule_230421__etc_audit_rules_d_audit_rules__usr_bin_ssh_agent_Line: '-a always,exit -F path=/usr/bin/ssh-agent -F perm=x -F auid>=1000 -F auid!=unset -k privileged-ssh'
+# R-230422 RHEL-08-030290
+rhel8STIG_stigrule_230422_Manage: True
+rhel8STIG_stigrule_230422__etc_audit_rules_d_audit_rules__usr_bin_passwd_Line: '-a always,exit -F path=/usr/bin/passwd -F perm=x -F auid>=1000 -F auid!=unset -k privileged-passwd'
+# R-230423 RHEL-08-030300
+rhel8STIG_stigrule_230423_Manage: True
+rhel8STIG_stigrule_230423__etc_audit_rules_d_audit_rules__usr_bin_mount_Line: '-a always,exit -F path=/usr/bin/mount -F perm=x -F auid>=1000 -F auid!=unset -k privileged-mount'
+# R-230424 RHEL-08-030301
+rhel8STIG_stigrule_230424_Manage: True
+rhel8STIG_stigrule_230424__etc_audit_rules_d_audit_rules__usr_bin_umount_Line: '-a always,exit -F path=/usr/bin/umount -F perm=x -F auid>=1000 -F auid!=unset -k privileged-mount'
+# R-230425 RHEL-08-030302
+rhel8STIG_stigrule_230425_Manage: True
+rhel8STIG_stigrule_230425__etc_audit_rules_d_audit_rules_mount_b32_Line: '-a always,exit -F arch=b32 -S mount -F auid>=1000 -F auid!=unset -k privileged-mount'
+rhel8STIG_stigrule_230425__etc_audit_rules_d_audit_rules_mount_b64_Line: '-a always,exit -F arch=b64 -S mount -F auid>=1000 -F auid!=unset -k privileged-mount'
+# R-230426 RHEL-08-030310
+rhel8STIG_stigrule_230426_Manage: True
+rhel8STIG_stigrule_230426__etc_audit_rules_d_audit_rules__usr_sbin_unix_update_Line: '-a always,exit -F path=/usr/sbin/unix_update -F perm=x -F auid>=1000 -F auid!=unset -k privileged-unix-update'
+# R-230427 RHEL-08-030311
+rhel8STIG_stigrule_230427_Manage: True
+rhel8STIG_stigrule_230427__etc_audit_rules_d_audit_rules__usr_sbin_postdrop_Line: '-a always,exit -F path=/usr/sbin/postdrop -F perm=x -F auid>=1000 -F auid!=unset -k privileged-unix-update'
+# R-230428 RHEL-08-030312
+rhel8STIG_stigrule_230428_Manage: True
+rhel8STIG_stigrule_230428__etc_audit_rules_d_audit_rules__usr_sbin_postqueue_Line: '-a always,exit -F path=/usr/sbin/postqueue -F perm=x -F auid>=1000 -F auid!=unset -k privileged-unix-update'
+# R-230429 RHEL-08-030313
+rhel8STIG_stigrule_230429_Manage: True
+rhel8STIG_stigrule_230429__etc_audit_rules_d_audit_rules__usr_sbin_semanage_Line: '-a always,exit -F path=/usr/sbin/semanage -F perm=x -F auid>=1000 -F auid!=unset -k privileged-unix-update'
+# R-230430 RHEL-08-030314
+rhel8STIG_stigrule_230430_Manage: True
+rhel8STIG_stigrule_230430__etc_audit_rules_d_audit_rules__usr_sbin_setfiles_Line: '-a always,exit -F path=/usr/sbin/setfiles -F perm=x -F auid>=1000 -F auid!=unset -k privileged-unix-update'
+# R-230431 RHEL-08-030315
+rhel8STIG_stigrule_230431_Manage: True
+rhel8STIG_stigrule_230431__etc_audit_rules_d_audit_rules__usr_sbin_userhelper_Line: '-a always,exit -F path=/usr/sbin/userhelper -F perm=x -F auid>=1000 -F auid!=unset -k privileged-unix-update'
+# R-230432 RHEL-08-030316
+rhel8STIG_stigrule_230432_Manage: True
+rhel8STIG_stigrule_230432__etc_audit_rules_d_audit_rules__usr_sbin_setsebool_Line: '-a always,exit -F path=/usr/sbin/setsebool -F perm=x -F auid>=1000 -F auid!=unset -k privileged-unix-update'
+# R-230433 RHEL-08-030317
+rhel8STIG_stigrule_230433_Manage: True
+rhel8STIG_stigrule_230433__etc_audit_rules_d_audit_rules__usr_sbin_unix_chkpwd_Line: '-a always,exit -F path=/usr/sbin/unix_chkpwd -F perm=x -F auid>=1000 -F auid!=unset -k privileged-unix-update'
+# R-230434 RHEL-08-030320
+rhel8STIG_stigrule_230434_Manage: True
+rhel8STIG_stigrule_230434__etc_audit_rules_d_audit_rules__usr_libexec_openssh_ssh_keysign_Line: '-a always,exit -F path=/usr/libexec/openssh/ssh-keysign -F perm=x -F auid>=1000 -F auid!=unset -k privileged-ssh'
+# R-230435 RHEL-08-030330
+rhel8STIG_stigrule_230435_Manage: True
+rhel8STIG_stigrule_230435__etc_audit_rules_d_audit_rules__usr_bin_setfacl_Line: '-a always,exit -F path=/usr/bin/setfacl -F perm=x -F auid>=1000 -F auid!=unset -k perm_mod'
+# R-230436 RHEL-08-030340
+rhel8STIG_stigrule_230436_Manage: True
+rhel8STIG_stigrule_230436__etc_audit_rules_d_audit_rules__usr_sbin_pam_timestamp_check_Line: '-a always,exit -F path=/usr/sbin/pam_timestamp_check -F perm=x -F auid>=1000 -F auid!=unset -k privileged-pam_timestamp_check'
+# R-230437 RHEL-08-030350
+rhel8STIG_stigrule_230437_Manage: True
+rhel8STIG_stigrule_230437__etc_audit_rules_d_audit_rules__usr_bin_newgrp_Line: '-a always,exit -F path=/usr/bin/newgrp -F perm=x -F auid>=1000 -F auid!=unset -k priv_cmd'
+# R-230438 RHEL-08-030360
+rhel8STIG_stigrule_230438_Manage: True
+rhel8STIG_stigrule_230438__etc_audit_rules_d_audit_rules_init_module_b32_Line: '-a always,exit -F arch=b32 -S init_module,finit_module -F auid>=1000 -F auid!=unset -k module_chng'
+rhel8STIG_stigrule_230438__etc_audit_rules_d_audit_rules_init_module_b64_Line: '-a always,exit -F arch=b64 -S init_module,finit_module -F auid>=1000 -F auid!=unset -k module_chng'
+# R-230439 RHEL-08-030361
+rhel8STIG_stigrule_230439_Manage: True
+rhel8STIG_stigrule_230439__etc_audit_rules_d_audit_rules_rename_b32_Line: '-a always,exit -F arch=b32 -S rename -F auid>=1000 -F auid!=unset -k module_chng'
+rhel8STIG_stigrule_230439__etc_audit_rules_d_audit_rules_rename_b64_Line: '-a always,exit -F arch=b64 -S rename -F auid>=1000 -F auid!=unset -k module_chng'
+# R-230444 RHEL-08-030370
+rhel8STIG_stigrule_230444_Manage: True
+rhel8STIG_stigrule_230444__etc_audit_rules_d_audit_rules__usr_bin_gpasswd_Line: '-a always,exit -F path=/usr/bin/gpasswd -F perm=x -F auid>=1000 -F auid!=unset -k privileged-gpasswd'
+# R-230446 RHEL-08-030390
+rhel8STIG_stigrule_230446_Manage: True
+rhel8STIG_stigrule_230446__etc_audit_rules_d_audit_rules_delete_module_b32_Line: '-a always,exit -F arch=b32 -S delete_module -F auid>=1000 -F auid!=unset -k module_chng'
+rhel8STIG_stigrule_230446__etc_audit_rules_d_audit_rules_delete_module_b64_Line: '-a always,exit -F arch=b64 -S delete_module -F auid>=1000 -F auid!=unset -k module_chng'
+# R-230447 RHEL-08-030400
+rhel8STIG_stigrule_230447_Manage: True
+rhel8STIG_stigrule_230447__etc_audit_rules_d_audit_rules__usr_bin_crontab_Line: '-a always,exit -F path=/usr/bin/crontab -F perm=x -F auid>=1000 -F auid!=unset -k privileged-crontab'
+# R-230448 RHEL-08-030410
+rhel8STIG_stigrule_230448_Manage: True
+rhel8STIG_stigrule_230448__etc_audit_rules_d_audit_rules__usr_bin_chsh_Line: '-a always,exit -F path=/usr/bin/chsh -F perm=x -F auid>=1000 -F auid!=unset -k priv_cmd'
+# R-230449 RHEL-08-030420
+rhel8STIG_stigrule_230449_Manage: True
+rhel8STIG_stigrule_230449__etc_audit_rules_d_audit_rules_truncate_EPERM_b32_Line: '-a always,exit -F arch=b32 -S truncate,ftruncate,creat,open,openat,open_by_handle_at -F exit=-EPERM -F auid>=1000 -F auid!=unset -k perm_access'
+rhel8STIG_stigrule_230449__etc_audit_rules_d_audit_rules_truncate_EPERM_b64_Line: '-a always,exit -F arch=b64 -S truncate,ftruncate,creat,open,openat,open_by_handle_at -F exit=-EPERM -F auid>=1000 -F auid!=unset -k perm_access'
+rhel8STIG_stigrule_230449__etc_audit_rules_d_audit_rules_truncate_EACCES_b32_Line: '-a always,exit -F arch=b32 -S truncate,ftruncate,creat,open,openat,open_by_handle_at -F exit=-EACCES -F auid>=1000 -F auid!=unset -k perm_access'
+rhel8STIG_stigrule_230449__etc_audit_rules_d_audit_rules_truncate_EACCES_b64_Line: '-a always,exit -F arch=b64 -S truncate,ftruncate,creat,open,openat,open_by_handle_at -F exit=-EACCES -F auid>=1000 -F auid!=unset -k perm_access'
+# R-230455 RHEL-08-030480
+rhel8STIG_stigrule_230455_Manage: True
+rhel8STIG_stigrule_230455__etc_audit_rules_d_audit_rules_chown_b32_Line: '-a always,exit -F arch=b32 -S chown,fchown,fchownat,lchown -F auid>=1000 -F auid!=unset -k perm_mod'
+rhel8STIG_stigrule_230455__etc_audit_rules_d_audit_rules_chown_b64_Line: '-a always,exit -F arch=b64 -S chown,fchown,fchownat,lchown -F auid>=1000 -F auid!=unset -k perm_mod'
+# R-230456 RHEL-08-030490
+rhel8STIG_stigrule_230456_Manage: True
+rhel8STIG_stigrule_230456__etc_audit_rules_d_audit_rules_chmod_b32_Line: '-a always,exit -F arch=b32 -S chmod,fchmod,fchmodat -F auid>=1000 -F auid!=unset -k perm_mod'
+rhel8STIG_stigrule_230456__etc_audit_rules_d_audit_rules_chmod_b64_Line: '-a always,exit -F arch=b64 -S chmod,fchmod,fchmodat -F auid>=1000 -F auid!=unset -k perm_mod'
+# R-230462 RHEL-08-030550
+rhel8STIG_stigrule_230462_Manage: True
+rhel8STIG_stigrule_230462__etc_audit_rules_d_audit_rules__usr_bin_sudo_Line: '-a always,exit -F path=/usr/bin/sudo -F perm=x -F auid>=1000 -F auid!=unset -k priv_cmd'
+# R-230463 RHEL-08-030560
+rhel8STIG_stigrule_230463_Manage: True
+rhel8STIG_stigrule_230463__etc_audit_rules_d_audit_rules__usr_sbin_usermod_Line: '-a always,exit -F path=/usr/sbin/usermod -F perm=x -F auid>=1000 -F auid!=unset -k privileged-usermod'
+# R-230464 RHEL-08-030570
+rhel8STIG_stigrule_230464_Manage: True
+rhel8STIG_stigrule_230464__etc_audit_rules_d_audit_rules__usr_bin_chacl_Line: '-a always,exit -F path=/usr/bin/chacl -F perm=x -F auid>=1000 -F auid!=unset -k perm_mod'
+# R-230465 RHEL-08-030580
+rhel8STIG_stigrule_230465_Manage: True
+rhel8STIG_stigrule_230465__etc_audit_rules_d_audit_rules__usr_bin_kmod_Line: '-a always,exit -F path=/usr/bin/kmod -F perm=x -F auid>=1000 -F auid!=unset -k modules'
+# R-230466 RHEL-08-030590
+rhel8STIG_stigrule_230466_Manage: True
+rhel8STIG_stigrule_230466__etc_audit_rules_d_audit_rules__var_log_faillock_Line: '-w /var/log/faillock -p wa -k logins'
+# R-230467 RHEL-08-030600
+rhel8STIG_stigrule_230467_Manage: True
+rhel8STIG_stigrule_230467__etc_audit_rules_d_audit_rules__var_log_lastlog_Line: '-w /var/log/lastlog -p wa -k logins'
+# R-230477 RHEL-08-030670
+rhel8STIG_stigrule_230477_Manage: True
+rhel8STIG_stigrule_230477_rsyslog_State: installed
+# R-230478 RHEL-08-030680
+rhel8STIG_stigrule_230478_Manage: True
+rhel8STIG_stigrule_230478_rsyslog_gnutls_State: installed
+# R-230480 RHEL-08-030700
+rhel8STIG_stigrule_230480_Manage: True
+rhel8STIG_stigrule_230480__etc_audit_auditd_conf_Line: 'overflow_action = syslog'
+# R-230481 RHEL-08-030710
+rhel8STIG_stigrule_230481_Manage: True
+rhel8STIG_stigrule_230481__etc_rsyslog_conf_DefaultNetstreamDriver_Line: '$DefaultNetstreamDriver gtls'
+rhel8STIG_stigrule_230481__etc_rsyslog_conf_ActionSendStreamDriverMode_Line: '$ActionSendStreamDriverMode 1'
+# R-230482 RHEL-08-030720
+rhel8STIG_stigrule_230482_Manage: True
+rhel8STIG_stigrule_230482__etc_rsyslog_conf_DefaultNetstreamDriver_Line: '$ActionSendStreamDriverAuthMode x509/name'
+# R-230483 RHEL-08-030730
+rhel8STIG_stigrule_230483_Manage: True
+rhel8STIG_stigrule_230483__etc_audit_auditd_conf_space_left_Line: 'space_left = 25%'
+# R-230487 RHEL-08-040000
+rhel8STIG_stigrule_230487_Manage: True
+rhel8STIG_stigrule_230487_telnet_server_State: removed
+# R-230488 RHEL-08-040001
+rhel8STIG_stigrule_230488_Manage: True
+rhel8STIG_stigrule_230488_abrt__State: removed
+# R-230489 RHEL-08-040002
+rhel8STIG_stigrule_230489_Manage: True
+rhel8STIG_stigrule_230489_sendmail_State: removed
+# R-230492 RHEL-08-040010
+rhel8STIG_stigrule_230492_Manage: True
+rhel8STIG_stigrule_230492_rsh_server_State: removed
+# R-230502 RHEL-08-040070
+rhel8STIG_stigrule_230502_Manage: True
+rhel8STIG_stigrule_230502_autofs_stop_State: stopped
+rhel8STIG_stigrule_230502_autofs_disable_Enabled: no
+# R-230505 RHEL-08-040100
+rhel8STIG_stigrule_230505_Manage: True
+rhel8STIG_stigrule_230505_firewalld_noarch_State: installed
+# R-230506 RHEL-08-040110
+rhel8STIG_stigrule_230506_Manage: True
+rhel8STIG_stigrule_230506_nmcli_radio_wifi_off_Command: nmcli radio wifi off
+# R-230526 RHEL-08-040160
+rhel8STIG_stigrule_230526_Manage: True
+rhel8STIG_stigrule_230526_ensure_openssh_server_x86_64_is_installed_State: installed
+rhel8STIG_stigrule_230526_sshd_enable_Enabled: yes
+# R-230527 RHEL-08-040161
+rhel8STIG_stigrule_230527_Manage: True
+rhel8STIG_stigrule_230527_RekeyLimit_Line: RekeyLimit 1G 1h
+# R-230529 RHEL-08-040170
+rhel8STIG_stigrule_230529_Manage: True
+rhel8STIG_stigrule_230529_systemctl_mask_ctrl_alt_del_target_Command: systemctl mask ctrl-alt-del.target
+# R-230531 RHEL-08-040172
+rhel8STIG_stigrule_230531_Manage: True
+rhel8STIG_stigrule_230531__etc_systemd_system_conf_Value: 'none'
+# R-230533 RHEL-08-040190
+rhel8STIG_stigrule_230533_Manage: True
+rhel8STIG_stigrule_230533_tftp_server_State: removed
+# R-230535 RHEL-08-040210
+rhel8STIG_stigrule_230535_Manage: True
+rhel8STIG_stigrule_230535_net_ipv6_conf_default_accept_redirects_Value: 0
+# R-230536 RHEL-08-040220
+rhel8STIG_stigrule_230536_Manage: True
+rhel8STIG_stigrule_230536_net_ipv4_conf_all_send_redirects_Value: 0
+# R-230537 RHEL-08-040230
+rhel8STIG_stigrule_230537_Manage: True
+rhel8STIG_stigrule_230537_net_ipv4_icmp_echo_ignore_broadcasts_Value: 1
+# R-230538 RHEL-08-040240
+rhel8STIG_stigrule_230538_Manage: True
+rhel8STIG_stigrule_230538_net_ipv6_conf_all_accept_source_route_Value: 0
+# R-230539 RHEL-08-040250
+rhel8STIG_stigrule_230539_Manage: True
+rhel8STIG_stigrule_230539_net_ipv6_conf_default_accept_source_route_Value: 0
+# R-230540 RHEL-08-040260
+rhel8STIG_stigrule_230540_Manage: True
+rhel8STIG_stigrule_230540_net_ipv4_ip_forward_Value: 0
+rhel8STIG_stigrule_230540_net_ipv6_conf_all_forwarding_Value: 0
+# R-230541 RHEL-08-040261
+rhel8STIG_stigrule_230541_Manage: True
+rhel8STIG_stigrule_230541_net_ipv6_conf_all_accept_ra_Value: 0
+# R-230542 RHEL-08-040262
+rhel8STIG_stigrule_230542_Manage: True
+rhel8STIG_stigrule_230542_net_ipv6_conf_default_accept_ra_Value: 0
+# R-230543 RHEL-08-040270
+rhel8STIG_stigrule_230543_Manage: True
+rhel8STIG_stigrule_230543_net_ipv4_conf_default_send_redirects_Value: 0
+# R-230544 RHEL-08-040280
+rhel8STIG_stigrule_230544_Manage: True
+rhel8STIG_stigrule_230544_net_ipv6_conf_all_accept_redirects_Value: 0
+# R-230545 RHEL-08-040281
+rhel8STIG_stigrule_230545_Manage: True
+rhel8STIG_stigrule_230545__etc_sysctl_d_99_sysctl_conf_Line: 'kernel.unprivileged_bpf_disabled = 1'
+# R-230546 RHEL-08-040282
+rhel8STIG_stigrule_230546_Manage: True
+rhel8STIG_stigrule_230546__etc_sysctl_d_99_sysctl_conf_Line: 'kernel.yama.ptrace_scope = 1'
+rhel8STIG_stigrule_230546_kernel_yama_ptrace_scope_Value: 1
+# R-230547 RHEL-08-040283
+rhel8STIG_stigrule_230547_Manage: True
+rhel8STIG_stigrule_230547__etc_sysctl_d_99_sysctl_conf_Line: 'kernel.kptr_restrict = 1'
+# R-230548 RHEL-08-040284
+rhel8STIG_stigrule_230548_Manage: True
+rhel8STIG_stigrule_230548__etc_sysctl_d_99_sysctl_conf_Line: 'user.max_user_namespaces = 0'
+rhel8STIG_stigrule_230548_user_max_user_namespaces_Value: 0
+# R-230549 RHEL-08-040285
+rhel8STIG_stigrule_230549_Manage: True
+rhel8STIG_stigrule_230549__etc_sysctl_d_99_sysctl_conf_Line: 'net.ipv4.conf.all.rp_filter = 1'
+# R-230555 RHEL-08-040340
+rhel8STIG_stigrule_230555_Manage: True
+rhel8STIG_stigrule_230555_X11Forwarding_Line: X11Forwarding no
+# R-230556 RHEL-08-040341
+rhel8STIG_stigrule_230556_Manage: True
+rhel8STIG_stigrule_230556_X11UseLocalhost_Line: X11UseLocalhost yes
+# R-230558 RHEL-08-040360
+rhel8STIG_stigrule_230558_Manage: True
+rhel8STIG_stigrule_230558_vsftpd_State: removed
+# R-230559 RHEL-08-040370
+rhel8STIG_stigrule_230559_Manage: True
+rhel8STIG_stigrule_230559_gssproxy_State: removed
+# R-230560 RHEL-08-040380
+rhel8STIG_stigrule_230560_Manage: True
+rhel8STIG_stigrule_230560_iprutils_State: removed
+# R-230561 RHEL-08-040390
+rhel8STIG_stigrule_230561_Manage: True
+rhel8STIG_stigrule_230561_tuned_State: removed
+# R-244519 RHEL-08-010049
+rhel8STIG_stigrule_244519_Manage: True
+rhel8STIG_stigrule_244519__etc_dconf_db_local_d_01_banner_message_Value: 'true'
+# R-244523 RHEL-08-010152
+rhel8STIG_stigrule_244523_Manage: True
+rhel8STIG_stigrule_244523__usr_lib_systemd_system_emergency_service_Value: '-/usr/lib/systemd/systemd-sulogin-shell emergency'
+# R-244525 RHEL-08-010201
+rhel8STIG_stigrule_244525_Manage: True
+rhel8STIG_stigrule_244525_ClientAliveInterval_Line: ClientAliveInterval 600
+# R-244527 RHEL-08-010472
+rhel8STIG_stigrule_244527_Manage: True
+rhel8STIG_stigrule_244527_rng_tools_State: installed
+# R-244528 RHEL-08-010522
+rhel8STIG_stigrule_244528_Manage: True
+rhel8STIG_stigrule_244528_GSSAPIAuthentication_Line: GSSAPIAuthentication no
+# R-244535 RHEL-08-020031
+rhel8STIG_stigrule_244535_Manage: True
+rhel8STIG_stigrule_244535__etc_dconf_db_local_d_00_screensaver_Value: 'uint32 5'
+# R-244536 RHEL-08-020032
+rhel8STIG_stigrule_244536_Manage: True
+rhel8STIG_stigrule_244536__etc_dconf_db_local_d_02_login_screen_Value: 'true'
+# R-244537 RHEL-08-020039
+rhel8STIG_stigrule_244537_Manage: True
+rhel8STIG_stigrule_244537_tmux_State: installed
+# R-244538 RHEL-08-020081
+rhel8STIG_stigrule_244538_Manage: True
+rhel8STIG_stigrule_244538__etc_dconf_db_local_d_locks_session_idle_delay_Line: '/org/gnome/desktop/session/idle-delay'
+# R-244539 RHEL-08-020082
+rhel8STIG_stigrule_244539_Manage: True
+rhel8STIG_stigrule_244539__etc_dconf_db_local_d_locks_session_lock_enabled_Line: '/org/gnome/desktop/screensaver/lock-enabled'
+# R-244542 RHEL-08-030181
+rhel8STIG_stigrule_244542_Manage: True
+rhel8STIG_stigrule_244542_auditd_enable_Enabled: yes
+rhel8STIG_stigrule_244542_auditd_start_State: started
+# R-244543 RHEL-08-030731
+rhel8STIG_stigrule_244543_Manage: True
+rhel8STIG_stigrule_244543__etc_audit_auditd_conf_space_left_action_Line: 'space_left_action = email'
+# R-244544 RHEL-08-040101
+rhel8STIG_stigrule_244544_Manage: True
+rhel8STIG_stigrule_244544_firewalld_enable_Enabled: yes
+# R-244549 RHEL-08-040159
+rhel8STIG_stigrule_244549_Manage: True
+rhel8STIG_stigrule_244549_openssh_server_x86_64_State: installed
+# R-244550 RHEL-08-040209
+rhel8STIG_stigrule_244550_Manage: True
+rhel8STIG_stigrule_244550_net_ipv4_conf_default_accept_redirects_Value: 0
+# R-244551 RHEL-08-040239
+rhel8STIG_stigrule_244551_Manage: True
+rhel8STIG_stigrule_244551_net_ipv4_conf_all_accept_source_route_Value: 0
+# R-244552 RHEL-08-040249
+rhel8STIG_stigrule_244552_Manage: True
+rhel8STIG_stigrule_244552_net_ipv4_conf_default_accept_source_route_Value: 0
+# R-244553 RHEL-08-040279
+rhel8STIG_stigrule_244553_Manage: True
+rhel8STIG_stigrule_244553_net_ipv4_conf_all_accept_redirects_Value: 0
+# R-244554 RHEL-08-040286
+rhel8STIG_stigrule_244554_Manage: True
+rhel8STIG_stigrule_244554__etc_sysctl_d_99_sysctl_conf_Line: 'net.core.bpf_jit_harden = 2'
--- a/collections/ansible_collections/demo/compliance/roles/rhel8STIG/files/U_RHEL_8_STIG_V1R9_Manual-xccdf.xml
+++ b/collections/ansible_collections/demo/compliance/roles/rhel8STIG/files/U_RHEL_8_STIG_V1R9_Manual-xccdf.xml
--- a/collections/ansible_collections/demo/compliance/roles/rhel8STIG/handlers/main.yml
+++ b/collections/ansible_collections/demo/compliance/roles/rhel8STIG/handlers/main.yml
@@ -0,0 +1,11 @@
+- name: dconf_update
+  command: dconf update
+- name: auditd_restart
+  command: /usr/sbin/service auditd restart
+- name: ssh_restart
+  service:
+    name: sshd
+    state: restarted
+- name: do_reboot
+  reboot:
+    pre_reboot_delay: 60
--- a/collections/ansible_collections/demo/compliance/roles/rhel8STIG/tasks/main.yml
+++ b/collections/ansible_collections/demo/compliance/roles/rhel8STIG/tasks/main.yml
--- a/collections/ansible_collections/demo/compliance/roles/win2022STIG/callback_plugins/stig_xml.py
+++ b/collections/ansible_collections/demo/compliance/roles/win2022STIG/callback_plugins/stig_xml.py
@@ -0,0 +1,86 @@
+from __future__ import (absolute_import, division, print_function)
+__metaclass__ = type
+
+from ansible.plugins.callback import CallbackBase
+from time import gmtime, strftime
+import platform
+import tempfile
+import re
+import sys
+import os
+import xml.etree.ElementTree as ET
+import xml.dom.minidom
+
+class CallbackModule(CallbackBase):
+    CALLBACK_VERSION = 2.0
+    CALLBACK_TYPE = 'xml'
+    CALLBACK_NAME = 'stig_xml'
+
+    CALLBACK_NEEDS_WHITELIST = True
+
+    def _get_STIG_path(self):
+        cwd = os.path.abspath('.')
+        for dirpath, dirs, files in os.walk(cwd):
+            if os.path.sep + 'files' in dirpath and '.xml' in files[0]:
+                return os.path.join(cwd, dirpath, files[0])
+
+    def __init__(self):
+        super(CallbackModule, self).__init__()
+        self.rules = {}
+        self.stig_path = os.environ.get('STIG_PATH')
+        self.XML_path = os.environ.get('XML_PATH')
+        if self.stig_path is None:
+            self.stig_path = self._get_STIG_path()
+        self._display.display('Using STIG_PATH: {}'.format(self.stig_path))
+        if self.XML_path is None:
+            self.XML_path = tempfile.mkdtemp() + "/xccdf-results.xml"
+        self._display.display('Using XML_PATH: {}'.format(self.XML_path))
+
+        print("Writing: {}".format(self.XML_path))
+        STIG_name = os.path.basename(self.stig_path)
+        ET.register_namespace('cdf', 'http://checklists.nist.gov/xccdf/1.2')
+        self.tr = ET.Element('{http://checklists.nist.gov/xccdf/1.2}TestResult')
+        self.tr.set('id', 'xccdf_mil.disa.stig_testresult_scap_mil.disa_comp_{}'.format(STIG_name))
+        endtime = strftime("%Y-%m-%dT%H:%M:%S", gmtime())
+        self.tr.set('end-time', endtime)
+        tg = ET.SubElement(self.tr, '{http://checklists.nist.gov/xccdf/1.2}target')
+        tg.text = platform.node()
+
+    def _get_rev(self, nid):
+        with open(self.stig_path, 'r') as f:
+            r = 'SV-{}r(?P<rev>\d+)_rule'.format(nid)
+            m = re.search(r, f.read())
+        if m:
+            rev = m.group('rev')
+        else:
+            rev = '0'
+        return rev
+
+    def v2_runner_on_ok(self, result):
+        name = result._task.get_name()
+        m = re.search('stigrule_(?P<id>\d+)', name)
+        if m:
+            nid = m.group('id')
+        else:
+            return
+        rev = self._get_rev(nid)
+        key = "{}r{}".format(nid, rev)
+        if self.rules.get(key, 'Unknown') != False:
+            self.rules[key] = result.is_changed()
+
+    def v2_playbook_on_stats(self, stats):
+        for rule, changed in self.rules.items():
+            state = 'fail' if changed else 'pass'
+            rr = ET.SubElement(self.tr, '{http://checklists.nist.gov/xccdf/1.2}rule-result')
+            rr.set('idref', 'xccdf_mil.disa.stig_rule_SV-{}_rule'.format(rule))
+            rs = ET.SubElement(rr, '{http://checklists.nist.gov/xccdf/1.2}result')
+            rs.text = state
+        passing = len(self.rules) - sum(self.rules.values())
+        sc = ET.SubElement(self.tr, '{http://checklists.nist.gov/xccdf/1.2}score')
+        sc.set('maximum', str(len(self.rules)))
+        sc.set('system', 'urn:xccdf:scoring:flat-unweighted')
+        sc.text = str(passing)
+        with open(self.XML_path, 'wb') as f:
+            out = ET.tostring(self.tr)
+            pretty = xml.dom.minidom.parseString(out).toprettyxml(encoding='utf-8')
+            f.write(pretty)
--- a/collections/ansible_collections/demo/compliance/roles/win2022STIG/defaults/main.yml
+++ b/collections/ansible_collections/demo/compliance/roles/win2022STIG/defaults/main.yml
@@ -0,0 +1,939 @@
+# R-254269 WN22-00-000320
+win2022STIG_stigrule_254269_Manage: True
+win2022STIG_stigrule_254269_Fax_State: absent
+# R-254270 WN22-00-000330
+win2022STIG_stigrule_254270_Manage: True
+win2022STIG_stigrule_254270_Web_Ftp_Service_State: absent
+# R-254271 WN22-00-000340
+win2022STIG_stigrule_254271_Manage: True
+win2022STIG_stigrule_254271_PNRP_State: absent
+# R-254272 WN22-00-000350
+win2022STIG_stigrule_254272_Manage: True
+win2022STIG_stigrule_254272_Simple_TCPIP_State: absent
+# R-254273 WN22-00-000360
+win2022STIG_stigrule_254273_Manage: True
+win2022STIG_stigrule_254273_Telnet_Client_State: absent
+# R-254275 WN22-00-000380
+win2022STIG_stigrule_254275_Manage: True
+win2022STIG_stigrule_254275_FS_SMB1_State: absent
+# R-254276 WN22-00-000390
+win2022STIG_stigrule_254276_Manage: True
+win2022STIG_stigrule_254276_SMB1_Key: 'HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters\'
+win2022STIG_stigrule_254276_SMB1_State: 'Present'
+win2022STIG_stigrule_254276_SMB1_ValueData: '0'
+win2022STIG_stigrule_254276_SMB1_ValueType: 'Dword'
+win2022STIG_stigrule_254276_TFTP_Client_State: absent
+# R-254277 WN22-00-000400
+win2022STIG_stigrule_254277_Manage: True
+win2022STIG_stigrule_254277_Start_Key: 'HKLM:\SYSTEM\CurrentControlSet\Services\mrxsmb10\'
+win2022STIG_stigrule_254277_Start_State: 'Present'
+win2022STIG_stigrule_254277_Start_ValueData: '4'
+win2022STIG_stigrule_254277_Start_ValueType: 'Dword'
+# R-254278 WN22-00-000410
+win2022STIG_stigrule_254278_Manage: True
+win2022STIG_stigrule_254278_PowerShell_v2_State: absent
+# R-254281 WN22-00-000440
+# Please choose an appropriate DoD time source from http://tycho.usno.navy.mil/ntp.html
+win2022STIG_stigrule_254281_Manage: False
+win2022STIG_stigrule_254281_NtpServer_Key: 'HKLM:\SOFTWARE\Policies\Microsoft\W32time\Parameters'
+win2022STIG_stigrule_254281_NtpServer_State: 'Present'
+win2022STIG_stigrule_254281_NtpServer_ValueData: 'your|DoD|time|server|url|here'
+win2022STIG_stigrule_254281_NtpServer_ValueType: 'String'
+win2022STIG_stigrule_254281_Type_Key: 'HKLM:\SOFTWARE\Policies\Microsoft\W32time\Parameters'
+win2022STIG_stigrule_254281_Type_State: 'Present'
+win2022STIG_stigrule_254281_Type_ValueData: 'NTP'
+win2022STIG_stigrule_254281_Type_ValueType: 'String'
+win2022STIG_stigrule_254281_CrossSiteSyncFlags_Key: 'HKLM:\SOFTWARE\Policies\Microsoft\W32time\TimeProviders\NtpClient'
+win2022STIG_stigrule_254281_CrossSiteSyncFlags_State: 'Present'
+win2022STIG_stigrule_254281_CrossSiteSyncFlags_ValueData: '2'
+win2022STIG_stigrule_254281_CrossSiteSyncFlags_ValueType: 'Dword'
+win2022STIG_stigrule_254281_EventLogFlags_Key: 'HKLM:\SOFTWARE\Policies\Microsoft\W32time\TimeProviders\NtpClient'
+win2022STIG_stigrule_254281_EventLogFlags_State: 'Present'
+win2022STIG_stigrule_254281_EventLogFlags_ValueData: '0'
+win2022STIG_stigrule_254281_EventLogFlags_ValueType: 'Dword'
+win2022STIG_stigrule_254281_ResolvePeerBackoffMaxTimes_Key: 'HKLM:\SOFTWARE\Policies\Microsoft\W32time\TimeProviders\NtpClient'
+win2022STIG_stigrule_254281_ResolvePeerBackoffMaxTimes_State: 'Present'
+win2022STIG_stigrule_254281_ResolvePeerBackoffMaxTimes_ValueData: '7'
+win2022STIG_stigrule_254281_ResolvePeerBackoffMaxTimes_ValueType: 'Dword'
+win2022STIG_stigrule_254281_ResolvePeerBackoffMinutes_Key: 'HKLM:\SOFTWARE\Policies\Microsoft\W32time\TimeProviders\NtpClient'
+win2022STIG_stigrule_254281_ResolvePeerBackoffMinutes_State: 'Present'
+win2022STIG_stigrule_254281_ResolvePeerBackoffMinutes_ValueData: '15'
+win2022STIG_stigrule_254281_ResolvePeerBackoffMinutes_ValueType: 'Dword'
+win2022STIG_stigrule_254281_SpecialPollInterval_Key: 'HKLM:\SOFTWARE\Policies\Microsoft\W32time\TimeProviders\NtpClient'
+win2022STIG_stigrule_254281_SpecialPollInterval_State: 'Present'
+win2022STIG_stigrule_254281_SpecialPollInterval_ValueData: '3600'
+win2022STIG_stigrule_254281_SpecialPollInterval_ValueType: 'Dword'
+# R-254285 WN22-AC-000010
+win2022STIG_stigrule_254285_Manage: False
+win2022STIG_stigrule_254285_Account_lockout_duration_Value: 15
+# R-254286 WN22-AC-000020
+win2022STIG_stigrule_254286_Manage: False
+win2022STIG_stigrule_254286_Account_lockout_threshold_Value: 3
+# R-254287 WN22-AC-000030
+win2022STIG_stigrule_254287_Manage: False
+win2022STIG_stigrule_254287_Reset_account_lockout_counter_after_Value: 15
+# R-254288 WN22-AC-000040
+win2022STIG_stigrule_254288_Manage: True
+win2022STIG_stigrule_254288_Enforce_password_history_Value: 24
+# R-254289 WN22-AC-000050
+win2022STIG_stigrule_254289_Manage: True
+win2022STIG_stigrule_254289_Maximum_Password_Age_Value: 60
+# R-254290 WN22-AC-000060
+win2022STIG_stigrule_254290_Manage: True
+win2022STIG_stigrule_254290_Minimum_Password_Age_Value: 1
+# R-254291 WN22-AC-000070
+win2022STIG_stigrule_254291_Manage: True
+win2022STIG_stigrule_254291_Minimum_Password_Length_Value: 14
+# R-254292 WN22-AC-000080
+win2022STIG_stigrule_254292_Manage: True
+win2022STIG_stigrule_254292_Password_must_meet_complexity_requirements_Value: 1
+# R-254293 WN22-AC-000090
+win2022STIG_stigrule_254293_Manage: True
+win2022STIG_stigrule_254293_Store_passwords_using_reversible_encryption_Value: 0
+# R-254296 WN22-AU-000030
+win2022STIG_stigrule_254296_Manage: True
+# R-254297 WN22-AU-000040
+win2022STIG_stigrule_254297_Manage: True
+# R-254298 WN22-AU-000050
+win2022STIG_stigrule_254298_Manage: True
+# R-254300 WN22-AU-000070
+win2022STIG_stigrule_254300_Manage: True
+win2022STIG_stigrule_254300_Credential_Validation_AuditType: success,failure
+# R-254301 WN22-AU-000080
+win2022STIG_stigrule_254301_Manage: True
+win2022STIG_stigrule_254301_Credential_Validation_AuditType: success,failure
+# R-254302 WN22-AU-000090
+win2022STIG_stigrule_254302_Manage: True
+win2022STIG_stigrule_254302_Other_Account_Management_Events_AuditType: success
+# R-254303 WN22-AU-000100
+win2022STIG_stigrule_254303_Manage: True
+win2022STIG_stigrule_254303_Security_Group_Management_AuditType: success
+# R-254304 WN22-AU-000110
+win2022STIG_stigrule_254304_Manage: True
+win2022STIG_stigrule_254304_User_Account_Management_AuditType: success,failure
+# R-254305 WN22-AU-000120
+win2022STIG_stigrule_254305_Manage: True
+win2022STIG_stigrule_254305_User_Account_Management_AuditType: success,failure
+# R-254306 WN22-AU-000130
+win2022STIG_stigrule_254306_Manage: True
+win2022STIG_stigrule_254306_PNP_Activity_AuditType: success
+# R-254307 WN22-AU-000140
+win2022STIG_stigrule_254307_Manage: True
+win2022STIG_stigrule_254307_Process_Creation_AuditType: success
+# R-254308 WN22-AU-000150
+win2022STIG_stigrule_254308_Manage: True
+win2022STIG_stigrule_254308_Account_Lockout_AuditType: success,failure
+# R-254309 WN22-AU-000160
+win2022STIG_stigrule_254309_Manage: True
+win2022STIG_stigrule_254309_Account_Lockout_AuditType: success,failure
+# R-254310 WN22-AU-000170
+win2022STIG_stigrule_254310_Manage: True
+win2022STIG_stigrule_254310_Group_Membership_AuditType: success
+# R-254311 WN22-AU-000180
+win2022STIG_stigrule_254311_Manage: True
+win2022STIG_stigrule_254311_Logoff_AuditType: success
+# R-254312 WN22-AU-000190
+win2022STIG_stigrule_254312_Manage: True
+win2022STIG_stigrule_254312_Logon_AuditType: success,failure
+# R-254313 WN22-AU-000200
+win2022STIG_stigrule_254313_Manage: True
+win2022STIG_stigrule_254313_Logon_AuditType: success,failure
+# R-254314 WN22-AU-000210
+win2022STIG_stigrule_254314_Manage: True
+win2022STIG_stigrule_254314_Special_Logon_AuditType: success
+# R-254315 WN22-AU-000220
+win2022STIG_stigrule_254315_Manage: True
+win2022STIG_stigrule_254315_Other_Object_Access_Events_AuditType: success,failure
+# R-254316 WN22-AU-000230
+win2022STIG_stigrule_254316_Manage: True
+win2022STIG_stigrule_254316_Other_Object_Access_Events_AuditType: success,failure
+# R-254317 WN22-AU-000240
+win2022STIG_stigrule_254317_Manage: True
+win2022STIG_stigrule_254317_Removable_Storage_AuditType: success,failure
+# R-254318 WN22-AU-000250
+win2022STIG_stigrule_254318_Manage: True
+win2022STIG_stigrule_254318_Removable_Storage_AuditType: success,failure
+# R-254319 WN22-AU-000260
+win2022STIG_stigrule_254319_Manage: True
+win2022STIG_stigrule_254319_Policy_Change_AuditType: success,failure
+# R-254320 WN22-AU-000270
+win2022STIG_stigrule_254320_Manage: True
+win2022STIG_stigrule_254320_Policy_Change_AuditType: success,failure
+# R-254321 WN22-AU-000280
+win2022STIG_stigrule_254321_Manage: True
+win2022STIG_stigrule_254321_Authentication_Policy_Change_AuditType: success
+# R-254322 WN22-AU-000290
+win2022STIG_stigrule_254322_Manage: True
+win2022STIG_stigrule_254322_Authorization_Policy_Change_AuditType: success
+# R-254323 WN22-AU-000300
+win2022STIG_stigrule_254323_Manage: True
+win2022STIG_stigrule_254323_Sensitive_Privilege_Use_AuditType: success,failure
+# R-254324 WN22-AU-000310
+win2022STIG_stigrule_254324_Manage: True
+win2022STIG_stigrule_254324_Sensitive_Privilege_Use_AuditType: success,failure
+# R-254325 WN22-AU-000320
+win2022STIG_stigrule_254325_Manage: True
+win2022STIG_stigrule_254325_IPsec_Driver_AuditType: success,failure
+# R-254326 WN22-AU-000330
+win2022STIG_stigrule_254326_Manage: True
+win2022STIG_stigrule_254326_IPsec_Driver_AuditType: success,failure
+# R-254327 WN22-AU-000340
+win2022STIG_stigrule_254327_Manage: True
+win2022STIG_stigrule_254327_Other_System_Events_AuditType: success,failure
+# R-254328 WN22-AU-000350
+win2022STIG_stigrule_254328_Manage: True
+win2022STIG_stigrule_254328_Other_System_Events_AuditType: success,failure
+# R-254329 WN22-AU-000360
+win2022STIG_stigrule_254329_Manage: True
+win2022STIG_stigrule_254329_Security_State_Change_AuditType: success
+# R-254330 WN22-AU-000370
+win2022STIG_stigrule_254330_Manage: True
+win2022STIG_stigrule_254330_Security_System_Extension_AuditType: success
+# R-254331 WN22-AU-000380
+win2022STIG_stigrule_254331_Manage: True
+win2022STIG_stigrule_254331_System_Integrity_AuditType: success,failure
+# R-254332 WN22-AU-000390
+win2022STIG_stigrule_254332_Manage: True
+win2022STIG_stigrule_254332_System_Integrity_AuditType: success,failure
+# R-254333 WN22-CC-000010
+win2022STIG_stigrule_254333_Manage: True
+win2022STIG_stigrule_254333_NoLockScreenSlideshow_Key: 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\Personalization\'
+win2022STIG_stigrule_254333_NoLockScreenSlideshow_State: 'Present'
+win2022STIG_stigrule_254333_NoLockScreenSlideshow_ValueData: '1'
+win2022STIG_stigrule_254333_NoLockScreenSlideshow_ValueType: 'Dword'
+# R-254334 WN22-CC-000020
+win2022STIG_stigrule_254334_Manage: True
+win2022STIG_stigrule_254334_UseLogonCredential_Key: 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\Wdigest\'
+win2022STIG_stigrule_254334_UseLogonCredential_State: 'Present'
+win2022STIG_stigrule_254334_UseLogonCredential_ValueData: '0'
+win2022STIG_stigrule_254334_UseLogonCredential_ValueType: 'Dword'
+# R-254335 WN22-CC-000030
+win2022STIG_stigrule_254335_Manage: True
+win2022STIG_stigrule_254335_DisableIPSourceRouting_Key: 'HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters\'
+win2022STIG_stigrule_254335_DisableIPSourceRouting_State: 'Present'
+win2022STIG_stigrule_254335_DisableIPSourceRouting_ValueData: '2'
+win2022STIG_stigrule_254335_DisableIPSourceRouting_ValueType: 'Dword'
+# R-254336 WN22-CC-000040
+win2022STIG_stigrule_254336_Manage: True
+win2022STIG_stigrule_254336_DisableIPSourceRouting_Key: 'HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\'
+win2022STIG_stigrule_254336_DisableIPSourceRouting_State: 'Present'
+win2022STIG_stigrule_254336_DisableIPSourceRouting_ValueData: '2'
+win2022STIG_stigrule_254336_DisableIPSourceRouting_ValueType: 'Dword'
+# R-254337 WN22-CC-000050
+win2022STIG_stigrule_254337_Manage: True
+win2022STIG_stigrule_254337_EnableICMPRedirect_Key: 'HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\'
+win2022STIG_stigrule_254337_EnableICMPRedirect_State: 'Present'
+win2022STIG_stigrule_254337_EnableICMPRedirect_ValueData: '0'
+win2022STIG_stigrule_254337_EnableICMPRedirect_ValueType: 'Dword'
+# R-254338 WN22-CC-000060
+win2022STIG_stigrule_254338_Manage: True
+win2022STIG_stigrule_254338_NoNameReleaseOnDemand_Key: 'HKLM:\SYSTEM\CurrentControlSet\Services\Netbt\Parameters\'
+win2022STIG_stigrule_254338_NoNameReleaseOnDemand_State: 'Present'
+win2022STIG_stigrule_254338_NoNameReleaseOnDemand_ValueData: '1'
+win2022STIG_stigrule_254338_NoNameReleaseOnDemand_ValueType: 'Dword'
+# R-254339 WN22-CC-000070
+win2022STIG_stigrule_254339_Manage: True
+win2022STIG_stigrule_254339_AllowInsecureGuestAuth_Key: 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\LanmanWorkstation\'
+win2022STIG_stigrule_254339_AllowInsecureGuestAuth_State: 'Present'
+win2022STIG_stigrule_254339_AllowInsecureGuestAuth_ValueData: '0'
+win2022STIG_stigrule_254339_AllowInsecureGuestAuth_ValueType: 'Dword'
+# R-254340 WN22-CC-000080
+win2022STIG_stigrule_254340_Manage: True
+win2022STIG_stigrule_254340_____NETLOGON_Key: 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\NetworkProvider\HardenedPaths\'
+win2022STIG_stigrule_254340_____NETLOGON_State: 'Present'
+win2022STIG_stigrule_254340_____NETLOGON_ValueData: 'RequireMutualAuthentication=1, RequireIntegrity=1'
+win2022STIG_stigrule_254340_____NETLOGON_ValueType: 'String'
+win2022STIG_stigrule_254340_____SYSVOL_Key: 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\NetworkProvider\HardenedPaths\'
+win2022STIG_stigrule_254340_____SYSVOL_State: 'Present'
+win2022STIG_stigrule_254340_____SYSVOL_ValueData: 'RequireMutualAuthentication=1, RequireIntegrity=1'
+win2022STIG_stigrule_254340_____SYSVOL_ValueType: 'String'
+# R-254341 WN22-CC-000090
+win2022STIG_stigrule_254341_Manage: True
+win2022STIG_stigrule_254341_ProcessCreationIncludeCmdLine_Enabled_Key: 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\Audit\'
+win2022STIG_stigrule_254341_ProcessCreationIncludeCmdLine_Enabled_State: 'Present'
+win2022STIG_stigrule_254341_ProcessCreationIncludeCmdLine_Enabled_ValueData: '1'
+win2022STIG_stigrule_254341_ProcessCreationIncludeCmdLine_Enabled_ValueType: 'Dword'
+# R-254342 WN22-CC-000100
+win2022STIG_stigrule_254342_Manage: True
+win2022STIG_stigrule_254342_AllowProtectedCreds_Key: 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\CredentialsDelegation\'
+win2022STIG_stigrule_254342_AllowProtectedCreds_State: 'Present'
+win2022STIG_stigrule_254342_AllowProtectedCreds_ValueData: '1'
+win2022STIG_stigrule_254342_AllowProtectedCreds_ValueType: 'Dword'
+# R-254343 WN22-CC-000110
+# Please ensure the hardware requirements are met. See https://docs.microsoft.com/en-us/windows/security/identity-protection/credential-guard/credential-guard-requirements
+win2022STIG_stigrule_254343_Manage: False
+win2022STIG_stigrule_254343_EnableVirtualizationBasedSecurity_Key: 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\DeviceGuard\'
+win2022STIG_stigrule_254343_EnableVirtualizationBasedSecurity_State: 'Present'
+win2022STIG_stigrule_254343_EnableVirtualizationBasedSecurity_ValueData: '1'
+win2022STIG_stigrule_254343_EnableVirtualizationBasedSecurity_ValueType: 'Dword'
+win2022STIG_stigrule_254343_RequirePlatformSecurityFeatures_Key: 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\DeviceGuard\'
+win2022STIG_stigrule_254343_RequirePlatformSecurityFeatures_State: 'Present'
+win2022STIG_stigrule_254343_RequirePlatformSecurityFeatures_ValueData: '1'
+win2022STIG_stigrule_254343_RequirePlatformSecurityFeatures_ValueType: 'Dword'
+# R-254344 WN22-CC-000130
+win2022STIG_stigrule_254344_Manage: True
+win2022STIG_stigrule_254344_DriverLoadPolicy_Key: 'HKLM:\SYSTEM\CurrentControlSet\Policies\EarlyLaunch\'
+win2022STIG_stigrule_254344_DriverLoadPolicy_State: 'Present'
+win2022STIG_stigrule_254344_DriverLoadPolicy_ValueData: '1'
+win2022STIG_stigrule_254344_DriverLoadPolicy_ValueType: 'Dword'
+# R-254345 WN22-CC-000140
+win2022STIG_stigrule_254345_Manage: True
+win2022STIG_stigrule_254345_NoGPOListChanges_Key: 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\Group Policy\{35378EAC-683F-11D2-A89A-00C04FBBCFA2}\'
+win2022STIG_stigrule_254345_NoGPOListChanges_State: 'Present'
+win2022STIG_stigrule_254345_NoGPOListChanges_ValueData: '0'
+win2022STIG_stigrule_254345_NoGPOListChanges_ValueType: 'Dword'
+# R-254346 WN22-CC-000150
+win2022STIG_stigrule_254346_Manage: True
+win2022STIG_stigrule_254346_DisableWebPnPDownload_Key: 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Printers\'
+win2022STIG_stigrule_254346_DisableWebPnPDownload_State: 'Present'
+win2022STIG_stigrule_254346_DisableWebPnPDownload_ValueData: '1'
+win2022STIG_stigrule_254346_DisableWebPnPDownload_ValueType: 'Dword'
+# R-254347 WN22-CC-000160
+win2022STIG_stigrule_254347_Manage: True
+win2022STIG_stigrule_254347_DisableHTTPPrinting_Key: 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Printers\'
+win2022STIG_stigrule_254347_DisableHTTPPrinting_State: 'Present'
+win2022STIG_stigrule_254347_DisableHTTPPrinting_ValueData: '1'
+win2022STIG_stigrule_254347_DisableHTTPPrinting_ValueType: 'Dword'
+# R-254348 WN22-CC-000170
+win2022STIG_stigrule_254348_Manage: True
+win2022STIG_stigrule_254348_DontDisplayNetworkSelectionUI_Key: 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\System\'
+win2022STIG_stigrule_254348_DontDisplayNetworkSelectionUI_State: 'Present'
+win2022STIG_stigrule_254348_DontDisplayNetworkSelectionUI_ValueData: '1'
+win2022STIG_stigrule_254348_DontDisplayNetworkSelectionUI_ValueType: 'Dword'
+# R-254349 WN22-CC-000180
+win2022STIG_stigrule_254349_Manage: True
+win2022STIG_stigrule_254349_DCSettingIndex_Key: 'HKLM:\SOFTWARE\Policies\Microsoft\Power\PowerSettings\0e796bdb-100d-47d6-a2d5-f7d2daa51f51\'
+win2022STIG_stigrule_254349_DCSettingIndex_State: 'Present'
+win2022STIG_stigrule_254349_DCSettingIndex_ValueData: '1'
+win2022STIG_stigrule_254349_DCSettingIndex_ValueType: 'Dword'
+# R-254350 WN22-CC-000190
+win2022STIG_stigrule_254350_Manage: True
+win2022STIG_stigrule_254350_ACSettingIndex_Key: 'HKLM:\SOFTWARE\Policies\Microsoft\Power\PowerSettings\0e796bdb-100d-47d6-a2d5-f7d2daa51f51\'
+win2022STIG_stigrule_254350_ACSettingIndex_State: 'Present'
+win2022STIG_stigrule_254350_ACSettingIndex_ValueData: '1'
+win2022STIG_stigrule_254350_ACSettingIndex_ValueType: 'Dword'
+# R-254351 WN22-CC-000200
+win2022STIG_stigrule_254351_Manage: True
+win2022STIG_stigrule_254351_DisableInventory_Key: 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\AppCompat\'
+win2022STIG_stigrule_254351_DisableInventory_State: 'Present'
+win2022STIG_stigrule_254351_DisableInventory_ValueData: '1'
+win2022STIG_stigrule_254351_DisableInventory_ValueType: 'Dword'
+# R-254352 WN22-CC-000210
+win2022STIG_stigrule_254352_Manage: True
+win2022STIG_stigrule_254352_NoAutoplayfornonVolume_Key: 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\Explorer\'
+win2022STIG_stigrule_254352_NoAutoplayfornonVolume_State: 'Present'
+win2022STIG_stigrule_254352_NoAutoplayfornonVolume_ValueData: '1'
+win2022STIG_stigrule_254352_NoAutoplayfornonVolume_ValueType: 'Dword'
+# R-254353 WN22-CC-000220
+win2022STIG_stigrule_254353_Manage: True
+win2022STIG_stigrule_254353_NoAutorun_Key: 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\'
+win2022STIG_stigrule_254353_NoAutorun_State: 'Present'
+win2022STIG_stigrule_254353_NoAutorun_ValueData: '1'
+win2022STIG_stigrule_254353_NoAutorun_ValueType: 'Dword'
+# R-254354 WN22-CC-000230
+win2022STIG_stigrule_254354_Manage: True
+win2022STIG_stigrule_254354_NoDriveTypeAutoRun_Key: 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\'
+win2022STIG_stigrule_254354_NoDriveTypeAutoRun_State: 'Present'
+win2022STIG_stigrule_254354_NoDriveTypeAutoRun_ValueData: '255'
+win2022STIG_stigrule_254354_NoDriveTypeAutoRun_ValueType: 'Dword'
+# R-254355 WN22-CC-000240
+win2022STIG_stigrule_254355_Manage: True
+win2022STIG_stigrule_254355_EnumerateAdministrators_Key: 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\CredUI\'
+win2022STIG_stigrule_254355_EnumerateAdministrators_State: 'Present'
+win2022STIG_stigrule_254355_EnumerateAdministrators_ValueData: '0'
+win2022STIG_stigrule_254355_EnumerateAdministrators_ValueType: 'Dword'
+# R-254356 WN22-CC-000250
+win2022STIG_stigrule_254356_Manage: True
+win2022STIG_stigrule_254356_AllowTelemetry_Key: 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\DataCollection\'
+win2022STIG_stigrule_254356_AllowTelemetry_State: 'Present'
+win2022STIG_stigrule_254356_AllowTelemetry_ValueData: '1'
+win2022STIG_stigrule_254356_AllowTelemetry_ValueType: 'Dword'
+# R-254357 WN22-CC-000260
+win2022STIG_stigrule_254357_Manage: True
+win2022STIG_stigrule_254357_DODownloadMode_Key: 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\DeliveryOptimization\'
+win2022STIG_stigrule_254357_DODownloadMode_State: 'Present'
+win2022STIG_stigrule_254357_DODownloadMode_ValueData: '100'
+win2022STIG_stigrule_254357_DODownloadMode_ValueType: 'Dword'
+# R-254358 WN22-CC-000270
+win2022STIG_stigrule_254358_Manage: True
+win2022STIG_stigrule_254358_MaxSize_Key: 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\EventLog\Application\'
+win2022STIG_stigrule_254358_MaxSize_State: 'Present'
+win2022STIG_stigrule_254358_MaxSize_ValueData: '32768'
+win2022STIG_stigrule_254358_MaxSize_ValueType: 'Dword'
+# R-254359 WN22-CC-000280
+win2022STIG_stigrule_254359_Manage: True
+win2022STIG_stigrule_254359_MaxSize_Key: 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\EventLog\Security\'
+win2022STIG_stigrule_254359_MaxSize_State: 'Present'
+win2022STIG_stigrule_254359_MaxSize_ValueData: '196608'
+win2022STIG_stigrule_254359_MaxSize_ValueType: 'Dword'
+# R-254360 WN22-CC-000290
+win2022STIG_stigrule_254360_Manage: True
+win2022STIG_stigrule_254360_MaxSize_Key: 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\EventLog\System\'
+win2022STIG_stigrule_254360_MaxSize_State: 'Present'
+win2022STIG_stigrule_254360_MaxSize_ValueData: '32768'
+win2022STIG_stigrule_254360_MaxSize_ValueType: 'Dword'
+# R-254361 WN22-CC-000300
+win2022STIG_stigrule_254361_Manage: True
+win2022STIG_stigrule_254361_EnableSmartScreen_Key: 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\System\'
+win2022STIG_stigrule_254361_EnableSmartScreen_State: 'Present'
+win2022STIG_stigrule_254361_EnableSmartScreen_ValueData: '1'
+win2022STIG_stigrule_254361_EnableSmartScreen_ValueType: 'Dword'
+# R-254362 WN22-CC-000310
+win2022STIG_stigrule_254362_Manage: True
+win2022STIG_stigrule_254362_NoDataExecutionPrevention_Key: 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\Explorer\'
+win2022STIG_stigrule_254362_NoDataExecutionPrevention_State: 'Present'
+win2022STIG_stigrule_254362_NoDataExecutionPrevention_ValueData: '0'
+win2022STIG_stigrule_254362_NoDataExecutionPrevention_ValueType: 'Dword'
+# R-254363 WN22-CC-000320
+win2022STIG_stigrule_254363_Manage: True
+win2022STIG_stigrule_254363_NoHeapTerminationOnCorruption_Key: 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\Explorer\'
+win2022STIG_stigrule_254363_NoHeapTerminationOnCorruption_State: 'Present'
+win2022STIG_stigrule_254363_NoHeapTerminationOnCorruption_ValueData: '0'
+win2022STIG_stigrule_254363_NoHeapTerminationOnCorruption_ValueType: 'Dword'
+# R-254364 WN22-CC-000330
+win2022STIG_stigrule_254364_Manage: True
+win2022STIG_stigrule_254364_PreXPSP2ShellProtocolBehavior_Key: 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\'
+win2022STIG_stigrule_254364_PreXPSP2ShellProtocolBehavior_State: 'Present'
+win2022STIG_stigrule_254364_PreXPSP2ShellProtocolBehavior_ValueData: '0'
+win2022STIG_stigrule_254364_PreXPSP2ShellProtocolBehavior_ValueType: 'Dword'
+# R-254365 WN22-CC-000340
+win2022STIG_stigrule_254365_Manage: True
+win2022STIG_stigrule_254365_DisablePasswordSaving_Key: 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services\'
+win2022STIG_stigrule_254365_DisablePasswordSaving_State: 'Present'
+win2022STIG_stigrule_254365_DisablePasswordSaving_ValueData: '1'
+win2022STIG_stigrule_254365_DisablePasswordSaving_ValueType: 'Dword'
+# R-254366 WN22-CC-000350
+win2022STIG_stigrule_254366_Manage: True
+win2022STIG_stigrule_254366_fDisableCdm_Key: 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services\'
+win2022STIG_stigrule_254366_fDisableCdm_State: 'Present'
+win2022STIG_stigrule_254366_fDisableCdm_ValueData: '1'
+win2022STIG_stigrule_254366_fDisableCdm_ValueType: 'Dword'
+# R-254367 WN22-CC-000360
+win2022STIG_stigrule_254367_Manage: True
+win2022STIG_stigrule_254367_fPromptForPassword_Key: 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services\'
+win2022STIG_stigrule_254367_fPromptForPassword_State: 'Present'
+win2022STIG_stigrule_254367_fPromptForPassword_ValueData: '1'
+win2022STIG_stigrule_254367_fPromptForPassword_ValueType: 'Dword'
+# R-254368 WN22-CC-000370
+win2022STIG_stigrule_254368_Manage: True
+win2022STIG_stigrule_254368_fEncryptRPCTraffic_Key: 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services\'
+win2022STIG_stigrule_254368_fEncryptRPCTraffic_State: 'Present'
+win2022STIG_stigrule_254368_fEncryptRPCTraffic_ValueData: '1'
+win2022STIG_stigrule_254368_fEncryptRPCTraffic_ValueType: 'Dword'
+# R-254369 WN22-CC-000380
+win2022STIG_stigrule_254369_Manage: True
+win2022STIG_stigrule_254369_MinEncryptionLevel_Key: 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services\'
+win2022STIG_stigrule_254369_MinEncryptionLevel_State: 'Present'
+win2022STIG_stigrule_254369_MinEncryptionLevel_ValueData: '3'
+win2022STIG_stigrule_254369_MinEncryptionLevel_ValueType: 'Dword'
+# R-254370 WN22-CC-000390
+win2022STIG_stigrule_254370_Manage: True
+win2022STIG_stigrule_254370_DisableEnclosureDownload_Key: 'HKLM:\SOFTWARE\Policies\Microsoft\Internet Explorer\Feeds\'
+win2022STIG_stigrule_254370_DisableEnclosureDownload_State: 'Present'
+win2022STIG_stigrule_254370_DisableEnclosureDownload_ValueData: '1'
+win2022STIG_stigrule_254370_DisableEnclosureDownload_ValueType: 'Dword'
+# R-254371 WN22-CC-000400
+win2022STIG_stigrule_254371_Manage: True
+win2022STIG_stigrule_254371_AllowBasicAuthInClear_Key: 'HKLM:\SOFTWARE\Policies\Microsoft\Internet Explorer\Feeds\'
+win2022STIG_stigrule_254371_AllowBasicAuthInClear_State: 'Present'
+win2022STIG_stigrule_254371_AllowBasicAuthInClear_ValueData: '0'
+win2022STIG_stigrule_254371_AllowBasicAuthInClear_ValueType: 'Dword'
+# R-254372 WN22-CC-000410
+win2022STIG_stigrule_254372_Manage: True
+win2022STIG_stigrule_254372_AllowIndexingEncryptedStoresOrItems_Key: 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\Windows Search\'
+win2022STIG_stigrule_254372_AllowIndexingEncryptedStoresOrItems_State: 'Present'
+win2022STIG_stigrule_254372_AllowIndexingEncryptedStoresOrItems_ValueData: '0'
+win2022STIG_stigrule_254372_AllowIndexingEncryptedStoresOrItems_ValueType: 'Dword'
+# R-254373 WN22-CC-000420
+win2022STIG_stigrule_254373_Manage: True
+win2022STIG_stigrule_254373_EnableUserControl_Key: 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\Installer\'
+win2022STIG_stigrule_254373_EnableUserControl_State: 'Present'
+win2022STIG_stigrule_254373_EnableUserControl_ValueData: '0'
+win2022STIG_stigrule_254373_EnableUserControl_ValueType: 'Dword'
+# R-254374 WN22-CC-000430
+win2022STIG_stigrule_254374_Manage: True
+win2022STIG_stigrule_254374_AlwaysInstallElevated_Key: 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\Installer\'
+win2022STIG_stigrule_254374_AlwaysInstallElevated_State: 'Present'
+win2022STIG_stigrule_254374_AlwaysInstallElevated_ValueData: '0'
+win2022STIG_stigrule_254374_AlwaysInstallElevated_ValueType: 'Dword'
+# R-254375 WN22-CC-000440
+win2022STIG_stigrule_254375_Manage: True
+win2022STIG_stigrule_254375_SafeForScripting_Key: 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\Installer\'
+win2022STIG_stigrule_254375_SafeForScripting_State: 'Present'
+win2022STIG_stigrule_254375_SafeForScripting_ValueData: '0'
+win2022STIG_stigrule_254375_SafeForScripting_ValueType: 'Dword'
+# R-254376 WN22-CC-000450
+win2022STIG_stigrule_254376_Manage: True
+win2022STIG_stigrule_254376_DisableAutomaticRestartSignOn_Key: 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\'
+win2022STIG_stigrule_254376_DisableAutomaticRestartSignOn_State: 'Present'
+win2022STIG_stigrule_254376_DisableAutomaticRestartSignOn_ValueData: '1'
+win2022STIG_stigrule_254376_DisableAutomaticRestartSignOn_ValueType: 'Dword'
+# R-254378 WN22-CC-000470
+win2022STIG_stigrule_254378_Manage: True
+win2022STIG_stigrule_254378_EnableScriptBlockLogging_Key: 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\PowerShell\ScriptBlockLogging\'
+win2022STIG_stigrule_254378_EnableScriptBlockLogging_State: 'Present'
+win2022STIG_stigrule_254378_EnableScriptBlockLogging_ValueData: '1'
+win2022STIG_stigrule_254378_EnableScriptBlockLogging_ValueType: 'Dword'
+# R-254379 WN22-CC-000480
+win2022STIG_stigrule_254379_Manage: True
+win2022STIG_stigrule_254379_AllowBasic_Key: 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\WinRM\Client\'
+win2022STIG_stigrule_254379_AllowBasic_State: 'Present'
+win2022STIG_stigrule_254379_AllowBasic_ValueData: '0'
+win2022STIG_stigrule_254379_AllowBasic_ValueType: 'Dword'
+# R-254380 WN22-CC-000490
+win2022STIG_stigrule_254380_Manage: True
+win2022STIG_stigrule_254380_AllowUnencryptedTraffic_Key: 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\WinRM\Client\'
+win2022STIG_stigrule_254380_AllowUnencryptedTraffic_State: 'Present'
+win2022STIG_stigrule_254380_AllowUnencryptedTraffic_ValueData: '0'
+win2022STIG_stigrule_254380_AllowUnencryptedTraffic_ValueType: 'Dword'
+# R-254381 WN22-CC-000500
+win2022STIG_stigrule_254381_Manage: True
+win2022STIG_stigrule_254381_AllowDigest_Key: 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\WinRM\Client\'
+win2022STIG_stigrule_254381_AllowDigest_State: 'Present'
+win2022STIG_stigrule_254381_AllowDigest_ValueData: '0'
+win2022STIG_stigrule_254381_AllowDigest_ValueType: 'Dword'
+# R-254382 WN22-CC-000510
+win2022STIG_stigrule_254382_Manage: True
+win2022STIG_stigrule_254382_AllowBasic_Key: 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\WinRM\Service\'
+win2022STIG_stigrule_254382_AllowBasic_State: 'Present'
+win2022STIG_stigrule_254382_AllowBasic_ValueData: '0'
+win2022STIG_stigrule_254382_AllowBasic_ValueType: 'Dword'
+# R-254383 WN22-CC-000520
+win2022STIG_stigrule_254383_Manage: True
+win2022STIG_stigrule_254383_AllowUnencryptedTraffic_Key: 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\WinRM\Service\'
+win2022STIG_stigrule_254383_AllowUnencryptedTraffic_State: 'Present'
+win2022STIG_stigrule_254383_AllowUnencryptedTraffic_ValueData: '0'
+win2022STIG_stigrule_254383_AllowUnencryptedTraffic_ValueType: 'Dword'
+# R-254384 WN22-CC-000530
+win2022STIG_stigrule_254384_Manage: True
+win2022STIG_stigrule_254384_DisableRunAs_Key: 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\WinRM\Service\'
+win2022STIG_stigrule_254384_DisableRunAs_State: 'Present'
+win2022STIG_stigrule_254384_DisableRunAs_ValueData: '1'
+win2022STIG_stigrule_254384_DisableRunAs_ValueType: 'Dword'
+# R-254407 WN22-DC-000230
+win2022STIG_stigrule_254407_Manage: True
+win2022STIG_stigrule_254407_Computer_Account_Management_AuditType: success
+# R-254408 WN22-DC-000240
+win2022STIG_stigrule_254408_Manage: True
+win2022STIG_stigrule_254408_Directory_Service_Access_AuditType: success,failure
+# R-254409 WN22-DC-000250
+win2022STIG_stigrule_254409_Manage: True
+win2022STIG_stigrule_254409_Directory_Service_Access_AuditType: success,failure
+# R-254410 WN22-DC-000260
+win2022STIG_stigrule_254410_Manage: True
+win2022STIG_stigrule_254410_Directory_Service_Changes_AuditType: success,failure
+# R-254411 WN22-DC-000270
+win2022STIG_stigrule_254411_Manage: True
+win2022STIG_stigrule_254411_Directory_Service_Changes_AuditType: success,failure
+# R-254416 WN22-DC-000320
+win2022STIG_stigrule_254416_Manage: True
+win2022STIG_stigrule_254416_Domain_controller_LDAP_server_signing_requirements_Key: 'HKLM:\SYSTEM\CurrentControlSet\Services\NTDS\Parameters\'
+win2022STIG_stigrule_254416_Domain_controller_LDAP_server_signing_requirements_State: 'Present'
+win2022STIG_stigrule_254416_Domain_controller_LDAP_server_signing_requirements_ValueData: '2'
+win2022STIG_stigrule_254416_Domain_controller_LDAP_server_signing_requirements_ValueType: 'Dword'
+# R-254417 WN22-DC-000330
+win2022STIG_stigrule_254417_Manage: True
+win2022STIG_stigrule_254417_Domain_controller_Refuse_machine_account_password_changes_Key: 'HKLM:\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters\'
+win2022STIG_stigrule_254417_Domain_controller_Refuse_machine_account_password_changes_State: 'Present'
+win2022STIG_stigrule_254417_Domain_controller_Refuse_machine_account_password_changes_ValueData: '0'
+win2022STIG_stigrule_254417_Domain_controller_Refuse_machine_account_password_changes_ValueType: 'Dword'
+# R-254418 WN22-DC-000340
+win2022STIG_stigrule_254418_Manage: False
+win2022STIG_stigrule_254418_SeNetworkLogonRight_Users: ['Administrators','Authenticated Users','Enterprise Domain Controllers']
+# R-254419 WN22-DC-000350
+win2022STIG_stigrule_254419_Manage: True
+win2022STIG_stigrule_254419_SeMachineAccountPrivilege_Users: ['Administrators']
+# R-254420 WN22-DC-000360
+win2022STIG_stigrule_254420_Manage: True
+win2022STIG_stigrule_254420_SeRemoteInteractiveLogonRight_Users: ['Administrators']
+# R-254421 WN22-DC-000370
+win2022STIG_stigrule_254421_Manage: False
+win2022STIG_stigrule_254421_SeDenyNetworkLogonRight_Users: ['Guests']
+# R-254422 WN22-DC-000380
+win2022STIG_stigrule_254422_Manage: False
+win2022STIG_stigrule_254422_SeDenyBatchLogonRight_Users: ['Guests']
+# R-254423 WN22-DC-000390
+win2022STIG_stigrule_254423_Manage: False
+win2022STIG_stigrule_254423_SeDenyServiceLogonRight_Users: []
+# R-254424 WN22-DC-000400
+win2022STIG_stigrule_254424_Manage: False
+win2022STIG_stigrule_254424_SeDenyInteractiveLogonRight_Users: ['Guests']
+# R-254425 WN22-DC-000410
+win2022STIG_stigrule_254425_Manage: False
+win2022STIG_stigrule_254425_SeDenyRemoteInteractiveLogonRight_Users: ['Guests']
+# R-254426 WN22-DC-000420
+win2022STIG_stigrule_254426_Manage: False
+win2022STIG_stigrule_254426_SeEnableDelegationPrivilege_Users: ['Administrators']
+# R-254429 WN22-MS-000020
+win2022STIG_stigrule_254429_Manage: False
+win2022STIG_stigrule_254429_LocalAccountTokenFilterPolicy_Key: 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
+win2022STIG_stigrule_254429_LocalAccountTokenFilterPolicy_State: 'Present'
+win2022STIG_stigrule_254429_LocalAccountTokenFilterPolicy_ValueData: '0'
+win2022STIG_stigrule_254429_LocalAccountTokenFilterPolicy_ValueType: 'Dword'
+# R-254430 WN22-MS-000030
+win2022STIG_stigrule_254430_Manage: True
+win2022STIG_stigrule_254430_EnumerateLocalUsers_Key: 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\System\'
+win2022STIG_stigrule_254430_EnumerateLocalUsers_State: 'Present'
+win2022STIG_stigrule_254430_EnumerateLocalUsers_ValueData: '0'
+win2022STIG_stigrule_254430_EnumerateLocalUsers_ValueType: 'Dword'
+# R-254431 WN22-MS-000040
+win2022STIG_stigrule_254431_Manage: True
+win2022STIG_stigrule_254431_RestrictRemoteClients_Key: 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Rpc\'
+win2022STIG_stigrule_254431_RestrictRemoteClients_State: 'Present'
+win2022STIG_stigrule_254431_RestrictRemoteClients_ValueData: '1'
+win2022STIG_stigrule_254431_RestrictRemoteClients_ValueType: 'Dword'
+# R-254432 WN22-MS-000050
+win2022STIG_stigrule_254432_Manage: True
+win2022STIG_stigrule_254432_Interactive_logon_Number_of_previous_logons_to_cache_in_case_domain_controller_is_not_available_Key: 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\'
+win2022STIG_stigrule_254432_Interactive_logon_Number_of_previous_logons_to_cache_in_case_domain_controller_is_not_available_State: 'Present'
+win2022STIG_stigrule_254432_Interactive_logon_Number_of_previous_logons_to_cache_in_case_domain_controller_is_not_available_ValueData: '4'
+win2022STIG_stigrule_254432_Interactive_logon_Number_of_previous_logons_to_cache_in_case_domain_controller_is_not_available_ValueType: 'string'
+# R-254434 WN22-MS-000070
+win2022STIG_stigrule_254434_Manage: False
+win2022STIG_stigrule_254434_SeNetworkLogonRight_Users: ['Administrators','Authenticated Users']
+# R-254436 WN22-MS-000090
+win2022STIG_stigrule_254436_Manage: False
+win2022STIG_stigrule_254436_SeDenyBatchLogonRight_Users: ['Enterprise Admins','Domain Admins','Guests']
+# R-254437 WN22-MS-000100
+win2022STIG_stigrule_254437_Manage: False
+win2022STIG_stigrule_254437_SeDenyServiceLogonRight_Users: ['Enterprise Admins','Domain Admins']
+# R-254438 WN22-MS-000110
+win2022STIG_stigrule_254438_Manage: False
+win2022STIG_stigrule_254438_SeDenyInteractiveLogonRight_Users: ['Enterprise Admins','Domain Admins','Guests']
+# R-254440 WN22-MS-000130
+win2022STIG_stigrule_254440_Manage: False
+win2022STIG_stigrule_254440_SeEnableDelegationPrivilege_Users: []
+# R-254441 WN22-MS-000140
+# Please ensure the hardware requirements are met. See https://docs.microsoft.com/en-us/windows/security/identity-protection/credential-guard/credential-guard-requirements
+win2022STIG_stigrule_254441_Manage: False
+win2022STIG_stigrule_254441_LsaCfgFlags_Key: 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\DeviceGuard\'
+win2022STIG_stigrule_254441_LsaCfgFlags_State: 'Present'
+win2022STIG_stigrule_254441_LsaCfgFlags_ValueData: '1'
+win2022STIG_stigrule_254441_LsaCfgFlags_ValueType: 'Dword'
+# R-254445 WN22-SO-000010
+win2022STIG_stigrule_254445_Manage: True
+win2022STIG_stigrule_254445_Accounts_Guest_account_status_ValueData: '0'
+# R-254446 WN22-SO-000020
+win2022STIG_stigrule_254446_Manage: True
+win2022STIG_stigrule_254446_Accounts_Limit_local_account_use_of_blank_passwords_to_console_logon_only_Key: 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\'
+win2022STIG_stigrule_254446_Accounts_Limit_local_account_use_of_blank_passwords_to_console_logon_only_State: 'Present'
+win2022STIG_stigrule_254446_Accounts_Limit_local_account_use_of_blank_passwords_to_console_logon_only_ValueData: '1'
+win2022STIG_stigrule_254446_Accounts_Limit_local_account_use_of_blank_passwords_to_console_logon_only_ValueType: 'Dword'
+# R-254448 WN22-SO-000040
+win2022STIG_stigrule_254448_Manage: False
+win2022STIG_stigrule_254448_Accounts_Rename_guest_account_ValueData: 'RenamedGuest'
+# R-254449 WN22-SO-000050
+win2022STIG_stigrule_254449_Manage: True
+win2022STIG_stigrule_254449_Audit_Force_audit_policy_subcategory_settings_Windows_Vista_or_later_to_override_audit_policy_category_settings_Key: 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\'
+win2022STIG_stigrule_254449_Audit_Force_audit_policy_subcategory_settings_Windows_Vista_or_later_to_override_audit_policy_category_settings_State: 'Present'
+win2022STIG_stigrule_254449_Audit_Force_audit_policy_subcategory_settings_Windows_Vista_or_later_to_override_audit_policy_category_settings_ValueData: '1'
+win2022STIG_stigrule_254449_Audit_Force_audit_policy_subcategory_settings_Windows_Vista_or_later_to_override_audit_policy_category_settings_ValueType: 'Dword'
+# R-254450 WN22-SO-000060
+win2022STIG_stigrule_254450_Manage: True
+win2022STIG_stigrule_254450_Domain_member_Digitally_encrypt_or_sign_secure_channel_data_always_Key: 'HKLM:\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters\'
+win2022STIG_stigrule_254450_Domain_member_Digitally_encrypt_or_sign_secure_channel_data_always_State: 'Present'
+win2022STIG_stigrule_254450_Domain_member_Digitally_encrypt_or_sign_secure_channel_data_always_ValueData: '1'
+win2022STIG_stigrule_254450_Domain_member_Digitally_encrypt_or_sign_secure_channel_data_always_ValueType: 'Dword'
+# R-254451 WN22-SO-000070
+win2022STIG_stigrule_254451_Manage: True
+win2022STIG_stigrule_254451_Domain_member_Digitally_encrypt_secure_channel_data_when_possible_Key: 'HKLM:\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters\'
+win2022STIG_stigrule_254451_Domain_member_Digitally_encrypt_secure_channel_data_when_possible_State: 'Present'
+win2022STIG_stigrule_254451_Domain_member_Digitally_encrypt_secure_channel_data_when_possible_ValueData: '1'
+win2022STIG_stigrule_254451_Domain_member_Digitally_encrypt_secure_channel_data_when_possible_ValueType: 'Dword'
+# R-254452 WN22-SO-000080
+win2022STIG_stigrule_254452_Manage: True
+win2022STIG_stigrule_254452_Domain_member_Digitally_sign_secure_channel_data_when_possible_Key: 'HKLM:\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters\'
+win2022STIG_stigrule_254452_Domain_member_Digitally_sign_secure_channel_data_when_possible_State: 'Present'
+win2022STIG_stigrule_254452_Domain_member_Digitally_sign_secure_channel_data_when_possible_ValueData: '1'
+win2022STIG_stigrule_254452_Domain_member_Digitally_sign_secure_channel_data_when_possible_ValueType: 'Dword'
+# R-254453 WN22-SO-000090
+win2022STIG_stigrule_254453_Manage: True
+win2022STIG_stigrule_254453_Domain_member_Disable_machine_account_password_changes_Key: 'HKLM:\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters\'
+win2022STIG_stigrule_254453_Domain_member_Disable_machine_account_password_changes_State: 'Present'
+win2022STIG_stigrule_254453_Domain_member_Disable_machine_account_password_changes_ValueData: '0'
+win2022STIG_stigrule_254453_Domain_member_Disable_machine_account_password_changes_ValueType: 'Dword'
+# R-254454 WN22-SO-000100
+win2022STIG_stigrule_254454_Manage: True
+win2022STIG_stigrule_254454_Domain_member_Maximum_machine_account_password_age_Key: 'HKLM:\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters\'
+win2022STIG_stigrule_254454_Domain_member_Maximum_machine_account_password_age_State: 'Present'
+win2022STIG_stigrule_254454_Domain_member_Maximum_machine_account_password_age_ValueData: '30'
+win2022STIG_stigrule_254454_Domain_member_Maximum_machine_account_password_age_ValueType: 'Dword'
+# R-254455 WN22-SO-000110
+win2022STIG_stigrule_254455_Manage: True
+win2022STIG_stigrule_254455_Domain_member_Require_strong_Windows_2000_or_later_session_key_Key: 'HKLM:\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters\'
+win2022STIG_stigrule_254455_Domain_member_Require_strong_Windows_2000_or_later_session_key_State: 'Present'
+win2022STIG_stigrule_254455_Domain_member_Require_strong_Windows_2000_or_later_session_key_ValueData: '1'
+win2022STIG_stigrule_254455_Domain_member_Require_strong_Windows_2000_or_later_session_key_ValueType: 'Dword'
+# R-254456 WN22-SO-000120
+win2022STIG_stigrule_254456_Manage: True
+win2022STIG_stigrule_254456_Interactive_logon_Machine_inactivity_limit_Key: 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\'
+win2022STIG_stigrule_254456_Interactive_logon_Machine_inactivity_limit_State: 'Present'
+win2022STIG_stigrule_254456_Interactive_logon_Machine_inactivity_limit_ValueData: '900'
+win2022STIG_stigrule_254456_Interactive_logon_Machine_inactivity_limit_ValueType: 'Dword'
+# R-254457 WN22-SO-000130
+win2022STIG_stigrule_254457_Manage: True
+win2022STIG_stigrule_254457_Interactive_logon_Message_text_for_users_attempting_to_log_on_Key: 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\'
+win2022STIG_stigrule_254457_Interactive_logon_Message_text_for_users_attempting_to_log_on_State: 'Present'
+win2022STIG_stigrule_254457_Interactive_logon_Message_text_for_users_attempting_to_log_on_ValueData: 'You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only.
+By using this IS (which includes any device attached to this IS), you consent to the following conditions:
+-The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.
+-At any time, the USG may inspect and seize data stored on this IS.
+-Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG-authorized purpose.
+-This IS includes security measures (e.g., authentication and access controls) to protect USG interests--not for your personal benefit or privacy.
+-Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.'
+win2022STIG_stigrule_254457_Interactive_logon_Message_text_for_users_attempting_to_log_on_ValueType: 'string'
+# R-254458 WN22-SO-000140
+win2022STIG_stigrule_254458_Manage: True
+win2022STIG_stigrule_254458_Interactive_logon_Message_title_for_users_attempting_to_log_on_Key: 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\'
+win2022STIG_stigrule_254458_Interactive_logon_Message_title_for_users_attempting_to_log_on_State: 'Present'
+win2022STIG_stigrule_254458_Interactive_logon_Message_title_for_users_attempting_to_log_on_ValueData: 'DoD Notice and Consent Banner'
+win2022STIG_stigrule_254458_Interactive_logon_Message_title_for_users_attempting_to_log_on_ValueType: 'string'
+# R-254459 WN22-SO-000150
+win2022STIG_stigrule_254459_Manage: True
+win2022STIG_stigrule_254459_Interactive_logon_Smart_card_removal_behavior_Key: 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\'
+win2022STIG_stigrule_254459_Interactive_logon_Smart_card_removal_behavior_State: 'Present'
+win2022STIG_stigrule_254459_Interactive_logon_Smart_card_removal_behavior_ValueData: '1'
+win2022STIG_stigrule_254459_Interactive_logon_Smart_card_removal_behavior_ValueType: 'string'
+# R-254460 WN22-SO-000160
+win2022STIG_stigrule_254460_Manage: True
+win2022STIG_stigrule_254460_Microsoft_network_client_Digitally_sign_communications_always_Key: 'HKLM:\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters\'
+win2022STIG_stigrule_254460_Microsoft_network_client_Digitally_sign_communications_always_State: 'Present'
+win2022STIG_stigrule_254460_Microsoft_network_client_Digitally_sign_communications_always_ValueData: '1'
+win2022STIG_stigrule_254460_Microsoft_network_client_Digitally_sign_communications_always_ValueType: 'Dword'
+# R-254461 WN22-SO-000170
+win2022STIG_stigrule_254461_Manage: True
+win2022STIG_stigrule_254461_Microsoft_network_client_Digitally_sign_communications_if_server_agrees_Key: 'HKLM:\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters\'
+win2022STIG_stigrule_254461_Microsoft_network_client_Digitally_sign_communications_if_server_agrees_State: 'Present'
+win2022STIG_stigrule_254461_Microsoft_network_client_Digitally_sign_communications_if_server_agrees_ValueData: '1'
+win2022STIG_stigrule_254461_Microsoft_network_client_Digitally_sign_communications_if_server_agrees_ValueType: 'Dword'
+# R-254462 WN22-SO-000180
+win2022STIG_stigrule_254462_Manage: True
+win2022STIG_stigrule_254462_Microsoft_network_client_Send_unencrypted_password_to_third_party_SMB_servers_Key: 'HKLM:\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters\'
+win2022STIG_stigrule_254462_Microsoft_network_client_Send_unencrypted_password_to_third_party_SMB_servers_State: 'Present'
+win2022STIG_stigrule_254462_Microsoft_network_client_Send_unencrypted_password_to_third_party_SMB_servers_ValueData: '0'
+win2022STIG_stigrule_254462_Microsoft_network_client_Send_unencrypted_password_to_third_party_SMB_servers_ValueType: 'Dword'
+# R-254463 WN22-SO-000190
+win2022STIG_stigrule_254463_Manage: True
+win2022STIG_stigrule_254463_Microsoft_network_server_Digitally_sign_communications_always_Key: 'HKLM:\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters\'
+win2022STIG_stigrule_254463_Microsoft_network_server_Digitally_sign_communications_always_State: 'Present'
+win2022STIG_stigrule_254463_Microsoft_network_server_Digitally_sign_communications_always_ValueData: '1'
+win2022STIG_stigrule_254463_Microsoft_network_server_Digitally_sign_communications_always_ValueType: 'Dword'
+# R-254464 WN22-SO-000200
+win2022STIG_stigrule_254464_Manage: True
+win2022STIG_stigrule_254464_Microsoft_network_server_Digitally_sign_communications_if_client_agrees_Key: 'HKLM:\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters\'
+win2022STIG_stigrule_254464_Microsoft_network_server_Digitally_sign_communications_if_client_agrees_State: 'Present'
+win2022STIG_stigrule_254464_Microsoft_network_server_Digitally_sign_communications_if_client_agrees_ValueData: '1'
+win2022STIG_stigrule_254464_Microsoft_network_server_Digitally_sign_communications_if_client_agrees_ValueType: 'Dword'
+# R-254465 WN22-SO-000210
+win2022STIG_stigrule_254465_Manage: False
+win2022STIG_stigrule_254465_Network_access_Allow_anonymous_SID_Name_translation_ValueData: '0'
+# R-254466 WN22-SO-000220
+win2022STIG_stigrule_254466_Manage: True
+win2022STIG_stigrule_254466_Network_access_Do_not_allow_anonymous_enumeration_of_SAM_accounts_Key: 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\'
+win2022STIG_stigrule_254466_Network_access_Do_not_allow_anonymous_enumeration_of_SAM_accounts_State: 'Present'
+win2022STIG_stigrule_254466_Network_access_Do_not_allow_anonymous_enumeration_of_SAM_accounts_ValueData: '1'
+win2022STIG_stigrule_254466_Network_access_Do_not_allow_anonymous_enumeration_of_SAM_accounts_ValueType: 'Dword'
+# R-254467 WN22-SO-000230
+win2022STIG_stigrule_254467_Manage: True
+win2022STIG_stigrule_254467_Network_access_Do_not_allow_anonymous_enumeration_of_SAM_accounts_and_shares_Key: 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\'
+win2022STIG_stigrule_254467_Network_access_Do_not_allow_anonymous_enumeration_of_SAM_accounts_and_shares_State: 'Present'
+win2022STIG_stigrule_254467_Network_access_Do_not_allow_anonymous_enumeration_of_SAM_accounts_and_shares_ValueData: '1'
+win2022STIG_stigrule_254467_Network_access_Do_not_allow_anonymous_enumeration_of_SAM_accounts_and_shares_ValueType: 'Dword'
+# R-254468 WN22-SO-000240
+win2022STIG_stigrule_254468_Manage: True
+win2022STIG_stigrule_254468_Network_access_Let_Everyone_permissions_apply_to_anonymous_users_Key: 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\'
+win2022STIG_stigrule_254468_Network_access_Let_Everyone_permissions_apply_to_anonymous_users_State: 'Present'
+win2022STIG_stigrule_254468_Network_access_Let_Everyone_permissions_apply_to_anonymous_users_ValueData: '0'
+win2022STIG_stigrule_254468_Network_access_Let_Everyone_permissions_apply_to_anonymous_users_ValueType: 'Dword'
+# R-254469 WN22-SO-000250
+win2022STIG_stigrule_254469_Manage: True
+win2022STIG_stigrule_254469_Network_access_Restrict_anonymous_access_to_Named_Pipes_and_Shares_Key: 'HKLM:\SYSTEM\CurrentControlSet\Services\LanManServer\Parameters\'
+win2022STIG_stigrule_254469_Network_access_Restrict_anonymous_access_to_Named_Pipes_and_Shares_State: 'Present'
+win2022STIG_stigrule_254469_Network_access_Restrict_anonymous_access_to_Named_Pipes_and_Shares_ValueData: '1'
+win2022STIG_stigrule_254469_Network_access_Restrict_anonymous_access_to_Named_Pipes_and_Shares_ValueType: 'Dword'
+# R-254470 WN22-SO-000260
+win2022STIG_stigrule_254470_Manage: True
+win2022STIG_stigrule_254470_Network_security_Allow_Local_System_to_use_computer_identity_for_NTLM_Key: 'HKLM:\SYSTEM\CurrentControlSet\Control\LSA\'
+win2022STIG_stigrule_254470_Network_security_Allow_Local_System_to_use_computer_identity_for_NTLM_State: 'Present'
+win2022STIG_stigrule_254470_Network_security_Allow_Local_System_to_use_computer_identity_for_NTLM_ValueData: '1'
+win2022STIG_stigrule_254470_Network_security_Allow_Local_System_to_use_computer_identity_for_NTLM_ValueType: 'Dword'
+# R-254471 WN22-SO-000270
+win2022STIG_stigrule_254471_Manage: True
+win2022STIG_stigrule_254471_Network_security_Allow_LocalSystem_NULL_session_fallback_Key: 'HKLM:\SYSTEM\CurrentControlSet\Control\LSA\MSV1_0\'
+win2022STIG_stigrule_254471_Network_security_Allow_LocalSystem_NULL_session_fallback_State: 'Present'
+win2022STIG_stigrule_254471_Network_security_Allow_LocalSystem_NULL_session_fallback_ValueData: '0'
+win2022STIG_stigrule_254471_Network_security_Allow_LocalSystem_NULL_session_fallback_ValueType: 'Dword'
+# R-254472 WN22-SO-000280
+win2022STIG_stigrule_254472_Manage: True
+win2022STIG_stigrule_254472_Network_Security_Allow_PKU2U_authentication_requests_to_this_computer_to_use_online_identities_Key: 'HKLM:\SYSTEM\CurrentControlSet\Control\LSA\pku2u\'
+win2022STIG_stigrule_254472_Network_Security_Allow_PKU2U_authentication_requests_to_this_computer_to_use_online_identities_State: 'Present'
+win2022STIG_stigrule_254472_Network_Security_Allow_PKU2U_authentication_requests_to_this_computer_to_use_online_identities_ValueData: '0'
+win2022STIG_stigrule_254472_Network_Security_Allow_PKU2U_authentication_requests_to_this_computer_to_use_online_identities_ValueType: 'Dword'
+# R-254474 WN22-SO-000300
+win2022STIG_stigrule_254474_Manage: True
+win2022STIG_stigrule_254474_Network_security_Do_not_store_LAN_Manager_hash_value_on_next_password_change_Key: 'HKLM:\SYSTEM\CurrentControlSet\Control\LSA\'
+win2022STIG_stigrule_254474_Network_security_Do_not_store_LAN_Manager_hash_value_on_next_password_change_State: 'Present'
+win2022STIG_stigrule_254474_Network_security_Do_not_store_LAN_Manager_hash_value_on_next_password_change_ValueData: '1'
+win2022STIG_stigrule_254474_Network_security_Do_not_store_LAN_Manager_hash_value_on_next_password_change_ValueType: 'Dword'
+# R-254475 WN22-SO-000310
+win2022STIG_stigrule_254475_Manage: True
+win2022STIG_stigrule_254475_Network_security_LAN_Manager_authentication_level_Key: 'HKLM:\SYSTEM\CurrentControlSet\Control\LSA\'
+win2022STIG_stigrule_254475_Network_security_LAN_Manager_authentication_level_State: 'Present'
+win2022STIG_stigrule_254475_Network_security_LAN_Manager_authentication_level_ValueData: '5'
+win2022STIG_stigrule_254475_Network_security_LAN_Manager_authentication_level_ValueType: 'Dword'
+# R-254476 WN22-SO-000320
+win2022STIG_stigrule_254476_Manage: True
+win2022STIG_stigrule_254476_Network_security_LDAP_client_signing_requirements_Key: 'HKLM:\SYSTEM\CurrentControlSet\Services\LDAP\'
+win2022STIG_stigrule_254476_Network_security_LDAP_client_signing_requirements_State: 'Present'
+win2022STIG_stigrule_254476_Network_security_LDAP_client_signing_requirements_ValueData: '1'
+win2022STIG_stigrule_254476_Network_security_LDAP_client_signing_requirements_ValueType: 'Dword'
+# R-254477 WN22-SO-000330
+win2022STIG_stigrule_254477_Manage: True
+win2022STIG_stigrule_254477_Network_security_Minimum_session_security_for_NTLM_SSP_based_including_secure_RPC_clients_Key: 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0\'
+win2022STIG_stigrule_254477_Network_security_Minimum_session_security_for_NTLM_SSP_based_including_secure_RPC_clients_State: 'Present'
+win2022STIG_stigrule_254477_Network_security_Minimum_session_security_for_NTLM_SSP_based_including_secure_RPC_clients_ValueData: '537395200'
+win2022STIG_stigrule_254477_Network_security_Minimum_session_security_for_NTLM_SSP_based_including_secure_RPC_clients_ValueType: 'Dword'
+# R-254478 WN22-SO-000340
+win2022STIG_stigrule_254478_Manage: True
+win2022STIG_stigrule_254478_Network_security_Minimum_session_security_for_NTLM_SSP_based_including_secure_RPC_servers_Key: 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0\'
+win2022STIG_stigrule_254478_Network_security_Minimum_session_security_for_NTLM_SSP_based_including_secure_RPC_servers_State: 'Present'
+win2022STIG_stigrule_254478_Network_security_Minimum_session_security_for_NTLM_SSP_based_including_secure_RPC_servers_ValueData: '537395200'
+win2022STIG_stigrule_254478_Network_security_Minimum_session_security_for_NTLM_SSP_based_including_secure_RPC_servers_ValueType: 'Dword'
+# R-254479 WN22-SO-000350
+win2022STIG_stigrule_254479_Manage: True
+win2022STIG_stigrule_254479_System_cryptography_Force_strong_key_protection_for_user_keys_stored_on_the_computer_Key: 'HKLM:\SOFTWARE\Policies\Microsoft\Cryptography\'
+win2022STIG_stigrule_254479_System_cryptography_Force_strong_key_protection_for_user_keys_stored_on_the_computer_State: 'Present'
+win2022STIG_stigrule_254479_System_cryptography_Force_strong_key_protection_for_user_keys_stored_on_the_computer_ValueData: '2'
+win2022STIG_stigrule_254479_System_cryptography_Force_strong_key_protection_for_user_keys_stored_on_the_computer_ValueType: 'Dword'
+# R-254480 WN22-SO-000360
+win2022STIG_stigrule_254480_Manage: True
+win2022STIG_stigrule_254480_System_cryptography_Use_FIPS_compliant_algorithms_for_encryption_hashing_and_signing_Key: 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\FIPSAlgorithmPolicy\'
+win2022STIG_stigrule_254480_System_cryptography_Use_FIPS_compliant_algorithms_for_encryption_hashing_and_signing_State: 'Present'
+win2022STIG_stigrule_254480_System_cryptography_Use_FIPS_compliant_algorithms_for_encryption_hashing_and_signing_ValueData: '1'
+win2022STIG_stigrule_254480_System_cryptography_Use_FIPS_compliant_algorithms_for_encryption_hashing_and_signing_ValueType: 'Dword'
+# R-254481 WN22-SO-000370
+win2022STIG_stigrule_254481_Manage: True
+win2022STIG_stigrule_254481_System_objects_Strengthen_default_permissions_of_internal_system_objects_eg_Symbolic_Links_Key: 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\'
+win2022STIG_stigrule_254481_System_objects_Strengthen_default_permissions_of_internal_system_objects_eg_Symbolic_Links_State: 'Present'
+win2022STIG_stigrule_254481_System_objects_Strengthen_default_permissions_of_internal_system_objects_eg_Symbolic_Links_ValueData: '1'
+win2022STIG_stigrule_254481_System_objects_Strengthen_default_permissions_of_internal_system_objects_eg_Symbolic_Links_ValueType: 'Dword'
+# R-254482 WN22-SO-000380
+win2022STIG_stigrule_254482_Manage: True
+win2022STIG_stigrule_254482_User_Account_Control_Admin_Approval_Mode_for_the_Built_in_Administrator_account_Key: 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\'
+win2022STIG_stigrule_254482_User_Account_Control_Admin_Approval_Mode_for_the_Built_in_Administrator_account_State: 'Present'
+win2022STIG_stigrule_254482_User_Account_Control_Admin_Approval_Mode_for_the_Built_in_Administrator_account_ValueData: '1'
+win2022STIG_stigrule_254482_User_Account_Control_Admin_Approval_Mode_for_the_Built_in_Administrator_account_ValueType: 'Dword'
+# R-254483 WN22-SO-000390
+win2022STIG_stigrule_254483_Manage: True
+win2022STIG_stigrule_254483_User_Account_Control_Allow_UIAccess_applications_to_prompt_for_elevation_without_using_the_secure_desktop_Key: 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\'
+win2022STIG_stigrule_254483_User_Account_Control_Allow_UIAccess_applications_to_prompt_for_elevation_without_using_the_secure_desktop_State: 'Present'
+win2022STIG_stigrule_254483_User_Account_Control_Allow_UIAccess_applications_to_prompt_for_elevation_without_using_the_secure_desktop_ValueData: '0'
+win2022STIG_stigrule_254483_User_Account_Control_Allow_UIAccess_applications_to_prompt_for_elevation_without_using_the_secure_desktop_ValueType: 'Dword'
+# R-254484 WN22-SO-000400
+win2022STIG_stigrule_254484_Manage: True
+win2022STIG_stigrule_254484_User_Account_Control_Behavior_of_the_elevation_prompt_for_administrators_in_Admin_Approval_Mode_Key: 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\'
+win2022STIG_stigrule_254484_User_Account_Control_Behavior_of_the_elevation_prompt_for_administrators_in_Admin_Approval_Mode_State: 'Present'
+win2022STIG_stigrule_254484_User_Account_Control_Behavior_of_the_elevation_prompt_for_administrators_in_Admin_Approval_Mode_ValueData: '2'
+win2022STIG_stigrule_254484_User_Account_Control_Behavior_of_the_elevation_prompt_for_administrators_in_Admin_Approval_Mode_ValueType: 'Dword'
+# R-254485 WN22-SO-000410
+win2022STIG_stigrule_254485_Manage: True
+win2022STIG_stigrule_254485_User_Account_Control_Behavior_of_the_elevation_prompt_for_standard_users_Key: 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\'
+win2022STIG_stigrule_254485_User_Account_Control_Behavior_of_the_elevation_prompt_for_standard_users_State: 'Present'
+win2022STIG_stigrule_254485_User_Account_Control_Behavior_of_the_elevation_prompt_for_standard_users_ValueData: '0'
+win2022STIG_stigrule_254485_User_Account_Control_Behavior_of_the_elevation_prompt_for_standard_users_ValueType: 'Dword'
+# R-254486 WN22-SO-000420
+win2022STIG_stigrule_254486_Manage: True
+win2022STIG_stigrule_254486_User_Account_Control_Detect_application_installations_and_prompt_for_elevation_Key: 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\'
+win2022STIG_stigrule_254486_User_Account_Control_Detect_application_installations_and_prompt_for_elevation_State: 'Present'
+win2022STIG_stigrule_254486_User_Account_Control_Detect_application_installations_and_prompt_for_elevation_ValueData: '1'
+win2022STIG_stigrule_254486_User_Account_Control_Detect_application_installations_and_prompt_for_elevation_ValueType: 'Dword'
+# R-254487 WN22-SO-000430
+win2022STIG_stigrule_254487_Manage: True
+win2022STIG_stigrule_254487_User_Account_Control_Only_elevate_UIAccess_applications_that_are_installed_in_secure_locations_Key: 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\'
+win2022STIG_stigrule_254487_User_Account_Control_Only_elevate_UIAccess_applications_that_are_installed_in_secure_locations_State: 'Present'
+win2022STIG_stigrule_254487_User_Account_Control_Only_elevate_UIAccess_applications_that_are_installed_in_secure_locations_ValueData: '1'
+win2022STIG_stigrule_254487_User_Account_Control_Only_elevate_UIAccess_applications_that_are_installed_in_secure_locations_ValueType: 'Dword'
+# R-254488 WN22-SO-000440
+win2022STIG_stigrule_254488_Manage: True
+win2022STIG_stigrule_254488_User_Account_Control_Run_all_administrators_in_Admin_Approval_Mode_Key: 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\'
+win2022STIG_stigrule_254488_User_Account_Control_Run_all_administrators_in_Admin_Approval_Mode_State: 'Present'
+win2022STIG_stigrule_254488_User_Account_Control_Run_all_administrators_in_Admin_Approval_Mode_ValueData: '1'
+win2022STIG_stigrule_254488_User_Account_Control_Run_all_administrators_in_Admin_Approval_Mode_ValueType: 'Dword'
+# R-254489 WN22-SO-000450
+win2022STIG_stigrule_254489_Manage: True
+win2022STIG_stigrule_254489_User_Account_Control_Virtualize_file_and_registry_write_failures_to_per_user_locations_Key: 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\'
+win2022STIG_stigrule_254489_User_Account_Control_Virtualize_file_and_registry_write_failures_to_per_user_locations_State: 'Present'
+win2022STIG_stigrule_254489_User_Account_Control_Virtualize_file_and_registry_write_failures_to_per_user_locations_ValueData: '1'
+win2022STIG_stigrule_254489_User_Account_Control_Virtualize_file_and_registry_write_failures_to_per_user_locations_ValueType: 'Dword'
+# R-254490 WN22-UC-000010
+win2022STIG_stigrule_254490_Manage: True
+win2022STIG_stigrule_254490_SaveZoneInformation_Key: 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Attachments\'
+win2022STIG_stigrule_254490_SaveZoneInformation_State: 'Present'
+win2022STIG_stigrule_254490_SaveZoneInformation_ValueData: '2'
+win2022STIG_stigrule_254490_SaveZoneInformation_ValueType: 'Dword'
+# R-254491 WN22-UR-000010
+win2022STIG_stigrule_254491_Manage: True
+win2022STIG_stigrule_254491_SeTrustedCredManAccessPrivilege_Users: []
+# R-254492 WN22-UR-000020
+win2022STIG_stigrule_254492_Manage: True
+win2022STIG_stigrule_254492_SeTcbPrivilege_Users: []
+# R-254493 WN22-UR-000030
+win2022STIG_stigrule_254493_Manage: True
+win2022STIG_stigrule_254493_SeInteractiveLogonRight_Users: ['Administrators']
+# R-254494 WN22-UR-000040
+win2022STIG_stigrule_254494_Manage: True
+win2022STIG_stigrule_254494_SeBackupPrivilege_Users: ['Administrators']
+# R-254495 WN22-UR-000050
+win2022STIG_stigrule_254495_Manage: True
+win2022STIG_stigrule_254495_SeCreatePagefilePrivilege_Users: ['Administrators']
+# R-254496 WN22-UR-000060
+win2022STIG_stigrule_254496_Manage: True
+win2022STIG_stigrule_254496_SeCreateTokenPrivilege_Users: []
+# R-254497 WN22-UR-000070
+win2022STIG_stigrule_254497_Manage: True
+win2022STIG_stigrule_254497_SeCreateGlobalPrivilege_Users: ['Administrators','Service','Local Service','Network Service']
+# R-254498 WN22-UR-000080
+win2022STIG_stigrule_254498_Manage: True
+win2022STIG_stigrule_254498_SeCreatePermanentPrivilege_Users: []
+# R-254499 WN22-UR-000090
+win2022STIG_stigrule_254499_Manage: True
+win2022STIG_stigrule_254499_SeCreateSymbolicLinkPrivilege_Users: ['Administrators']
+# R-254500 WN22-UR-000100
+win2022STIG_stigrule_254500_Manage: True
+win2022STIG_stigrule_254500_SeDebugPrivilege_Users: ['Administrators']
+# R-254501 WN22-UR-000110
+win2022STIG_stigrule_254501_Manage: True
+win2022STIG_stigrule_254501_SeRemoteShutdownPrivilege_Users: ['Administrators']
+# R-254502 WN22-UR-000120
+win2022STIG_stigrule_254502_Manage: True
+win2022STIG_stigrule_254502_SeAuditPrivilege_Users: ['Local Service','Network Service']
+# R-254503 WN22-UR-000130
+win2022STIG_stigrule_254503_Manage: True
+win2022STIG_stigrule_254503_SeImpersonatePrivilege_Users: ['Administrators','Service','Local Service','Network Service']
+# R-254504 WN22-UR-000140
+win2022STIG_stigrule_254504_Manage: True
+win2022STIG_stigrule_254504_SeIncreaseBasePriorityPrivilege_Users: ['Administrators']
+# R-254505 WN22-UR-000150
+win2022STIG_stigrule_254505_Manage: True
+win2022STIG_stigrule_254505_SeLoadDriverPrivilege_Users: ['Administrators']
+# R-254506 WN22-UR-000160
+win2022STIG_stigrule_254506_Manage: True
+win2022STIG_stigrule_254506_SeLockMemoryPrivilege_Users: []
+# R-254507 WN22-UR-000170
+win2022STIG_stigrule_254507_Manage: True
+win2022STIG_stigrule_254507_SeSecurityPrivilege_Users: ['Administrators']
+# R-254508 WN22-UR-000180
+win2022STIG_stigrule_254508_Manage: True
+win2022STIG_stigrule_254508_SeSystemEnvironmentPrivilege_Users: ['Administrators']
+# R-254509 WN22-UR-000190
+win2022STIG_stigrule_254509_Manage: True
+win2022STIG_stigrule_254509_SeManageVolumePrivilege_Users: ['Administrators']
+# R-254510 WN22-UR-000200
+win2022STIG_stigrule_254510_Manage: True
+win2022STIG_stigrule_254510_SeProfileSingleProcessPrivilege_Users: ['Administrators']
+# R-254511 WN22-UR-000210
+win2022STIG_stigrule_254511_Manage: True
+win2022STIG_stigrule_254511_SeRestorePrivilege_Users: ['Administrators']
+# R-254512 WN22-UR-000220
+win2022STIG_stigrule_254512_Manage: True
+win2022STIG_stigrule_254512_SeTakeOwnershipPrivilege_Users: ['Administrators']
--- a/collections/ansible_collections/demo/compliance/roles/win2022STIG/files/U_MS_Windows_Server_2022_STIG_V1R1_Manual-xccdf.xml
+++ b/collections/ansible_collections/demo/compliance/roles/win2022STIG/files/U_MS_Windows_Server_2022_STIG_V1R1_Manual-xccdf.xml
--- a/collections/ansible_collections/demo/compliance/roles/win2022STIG/handlers/main.yml
+++ b/collections/ansible_collections/demo/compliance/roles/win2022STIG/handlers/main.yml
--- a/collections/ansible_collections/demo/compliance/roles/win2022STIG/tasks/main.yml
+++ b/collections/ansible_collections/demo/compliance/roles/win2022STIG/tasks/main.yml
--- a/collections/ansible_collections/demo/patching/plugins/modules/scan_packages.py
+++ b/collections/ansible_collections/demo/patching/plugins/modules/scan_packages.py
@@ -0,0 +1,97 @@
+#!/usr/bin/env python
+
+from ansible.module_utils.basic import * # noqa
+
+DOCUMENTATION = '''
+---
+module: scan_packages
+short_description: Return installed packages information as fact data
+description:
+    - Return information about installed packages as fact data
+'''
+
+EXAMPLES = '''
+# Example fact output:
+# host | success >> {
+#    "ansible_facts": {
+#        "packages": [
+#                {
+#                  "version": "1.0.6-5",
+#                  "source": "apt",
+#                  "arch": "amd64",
+#                  "name": "libbz2-1.0"
+#                },
+#                {
+#                  "version": "2.7.1-4ubuntu1",
+#                  "source": "apt",
+#                  "arch": "amd64",
+#                  "name": "patch"
+#                },
+#                {
+#                  "version": "4.8.2-19ubuntu1",
+#                  "source": "apt",
+#                  "arch": "amd64",
+#                  "name": "gcc-4.8-base"
+#                }
+#       ]
+'''
+
+
+def rpm_package_list():
+    import rpm
+    trans_set = rpm.TransactionSet()
+    installed_packages = []
+    for package in trans_set.dbMatch():
+        package_details = {
+                               'name':package[rpm.RPMTAG_NAME],
+                               'version':package[rpm.RPMTAG_VERSION],
+                               'release':package[rpm.RPMTAG_RELEASE],
+                               'epoch':package[rpm.RPMTAG_EPOCH],
+                               'arch':package[rpm.RPMTAG_ARCH],
+                               'source':'rpm' }
+        if installed_packages == []:
+            installed_packages = [package_details]
+        else:
+            installed_packages.append(package_details)
+    return installed_packages
+
+
+def deb_package_list():
+    import apt
+    apt_cache = apt.Cache()
+    installed_packages = []
+    apt_installed_packages = [pk for pk in apt_cache.keys() if apt_cache[pk].is_installed]
+    for package in apt_installed_packages:
+        ac_pkg = apt_cache[package].installed
+        package_details = {
+                               'name':package,
+                               'version':ac_pkg.version,
+                               'arch':ac_pkg.architecture,
+                               'source':'apt'}
+        if installed_packages == []:
+            installed_packages = [package_details]
+        else:
+            installed_packages.append(package_details)
+    return installed_packages
+
+
+def main():
+    module = AnsibleModule(
+        argument_spec = dict(os_family=dict(required=True))
+    )
+    ans_os = module.params['os_family']
+    if ans_os in ('RedHat', 'Suse', 'openSUSE Leap'):
+        packages = rpm_package_list()
+    elif ans_os == 'Debian':
+        packages = deb_package_list()
+    else:
+        packages = None
+
+    if packages is not None:
+        results = dict(ansible_facts=dict(packages=packages))
+    else:
+        results = dict(skipped=True, msg="Unsupported Distribution")
+    module.exit_json(**results)
+
+
+main()
--- a/collections/ansible_collections/demo/patching/plugins/modules/scan_services.py
+++ b/collections/ansible_collections/demo/patching/plugins/modules/scan_services.py
@@ -0,0 +1,186 @@
+#!/usr/bin/env python
+
+import re
+from ansible.module_utils.basic import * # noqa
+
+DOCUMENTATION = '''
+---
+module: scan_services
+short_description: Return service state information as fact data
+description:
+     - Return service state information as fact data for various service management utilities
+'''
+
+EXAMPLES = '''
+- monit: scan_services
+# Example fact output:
+# host | success >> {
+#    "ansible_facts": {
+#	"services": {
+#            "network": {
+#                    "source": "sysv",
+#                    "state": "running",
+#                    "name": "network"
+#            },
+#            "arp-ethers.service": {
+#                    "source": "systemd",
+#                    "state": "stopped",
+#                    "name": "arp-ethers.service"
+#            }
+#	}
+#   }
+'''
+
+
+class BaseService(object):
+
+    def __init__(self, module):
+        self.module = module
+        self.incomplete_warning = False
+
+
+class ServiceScanService(BaseService):
+
+    def gather_services(self):
+        services = {}
+        service_path = self.module.get_bin_path("service")
+        if service_path is None:
+            return None
+        initctl_path = self.module.get_bin_path("initctl")
+        chkconfig_path = self.module.get_bin_path("chkconfig")
+
+        # sysvinit
+        if service_path is not None and chkconfig_path is None:
+            rc, stdout, stderr = self.module.run_command("%s --status-all 2>&1 | grep -E \"\\[ (\\+|\\-) \\]\"" % service_path, use_unsafe_shell=True)
+            for line in stdout.split("\n"):
+                line_data = line.split()
+                if len(line_data) < 4:
+                    continue # Skipping because we expected more data
+                service_name = " ".join(line_data[3:])
+                if line_data[1] == "+":
+                    service_state = "running"
+                else:
+                    service_state = "stopped"
+                services[service_name] = {"name": service_name, "state": service_state, "source": "sysv"}
+
+        # Upstart
+        if initctl_path is not None and chkconfig_path is None:
+            p = re.compile('^\s?(?P<name>.*)\s(?P<goal>\w+)\/(?P<state>\w+)(\,\sprocess\s(?P<pid>[0-9]+))?\s*$')
+            rc, stdout, stderr = self.module.run_command("%s list" % initctl_path)
+            real_stdout = stdout.replace("\r","")
+            for line in real_stdout.split("\n"):
+                m = p.match(line)
+                if not m:
+                    continue
+                service_name = m.group('name')
+                service_goal = m.group('goal')
+                service_state = m.group('state')
+                if m.group('pid'):
+                    pid = m.group('pid')
+                else:
+                    pid = None  # NOQA
+                payload = {"name": service_name, "state": service_state, "goal": service_goal, "source": "upstart"}
+                services[service_name] = payload
+
+        # RH sysvinit
+        elif chkconfig_path is not None:
+            #print '%s --status-all | grep -E "is (running|stopped)"' % service_path
+            p = re.compile(
+                '(?P<service>.*?)\s+[0-9]:(?P<rl0>on|off)\s+[0-9]:(?P<rl1>on|off)\s+[0-9]:(?P<rl2>on|off)\s+'
+                '[0-9]:(?P<rl3>on|off)\s+[0-9]:(?P<rl4>on|off)\s+[0-9]:(?P<rl5>on|off)\s+[0-9]:(?P<rl6>on|off)')
+            rc, stdout, stderr = self.module.run_command('%s' % chkconfig_path, use_unsafe_shell=True)
+            # Check for special cases where stdout does not fit pattern
+            match_any = False
+            for line in stdout.split('\n'):
+                if p.match(line):
+                    match_any = True
+            if not match_any:
+                p_simple = re.compile('(?P<service>.*?)\s+(?P<rl0>on|off)')
+                match_any = False
+                for line in stdout.split('\n'):
+                    if p_simple.match(line):
+                        match_any = True
+                if match_any:
+                    # Try extra flags " -l --allservices" needed for SLES11
+                    rc, stdout, stderr = self.module.run_command('%s -l --allservices' % chkconfig_path, use_unsafe_shell=True)
+                elif '--list' in stderr:
+                    # Extra flag needed for RHEL5
+                    rc, stdout, stderr = self.module.run_command('%s --list' % chkconfig_path, use_unsafe_shell=True)
+            for line in stdout.split('\n'):
+                m = p.match(line)
+                if m:
+                    service_name = m.group('service')
+                    service_state = 'stopped'
+                    if m.group('rl3') == 'on':
+                        rc, stdout, stderr = self.module.run_command('%s %s status' % (service_path, service_name), use_unsafe_shell=True)
+                        service_state = rc
+                        if rc in (0,):
+                            service_state = 'running'
+                        #elif rc in (1,3):
+                        else:
+                            if 'root' in stderr or 'permission' in stderr.lower() or 'not in sudoers' in stderr.lower():
+                                self.incomplete_warning = True
+                                continue
+                            else:
+                                service_state = 'stopped'
+                    service_data = {"name": service_name, "state": service_state, "source": "sysv"}
+                    services[service_name] = service_data
+        return services
+
+
+class SystemctlScanService(BaseService):
+
+    def systemd_enabled(self):
+        # Check if init is the systemd command, using comm as cmdline could be symlink
+        try:
+            f = open('/proc/1/comm', 'r')
+        except IOError:
+            # If comm doesn't exist, old kernel, no systemd
+            return False
+        for line in f:
+            if 'systemd' in line:
+                return True
+        return False
+
+    def gather_services(self):
+        services = {}
+        if not self.systemd_enabled():
+            return None
+        systemctl_path = self.module.get_bin_path("systemctl", opt_dirs=["/usr/bin", "/usr/local/bin"])
+        if systemctl_path is None:
+            return None
+        rc, stdout, stderr = self.module.run_command("%s list-unit-files --type=service | tail -n +2 | head -n -2" % systemctl_path, use_unsafe_shell=True)
+        for line in stdout.split("\n"):
+            line_data = line.split()
+            if len(line_data) != 2:
+                continue
+            if line_data[1] == "enabled":
+                state_val = "running"
+            else:
+                state_val = "stopped"
+            services[line_data[0]] = {"name": line_data[0], "state": state_val, "source": "systemd"}
+        return services
+
+
+def main():
+    module = AnsibleModule(argument_spec = dict())
+    service_modules = (ServiceScanService, SystemctlScanService)
+    all_services = {}
+    incomplete_warning = False
+    for svc_module in service_modules:
+        svcmod = svc_module(module)
+        svc = svcmod.gather_services()
+        if svc is not None:
+            all_services.update(svc)
+            if svcmod.incomplete_warning:
+                incomplete_warning = True
+    if len(all_services) == 0:
+        results = dict(skipped=True, msg="Failed to find any services. Sometimes this is due to insufficient privileges.")
+    else:
+        results = dict(ansible_facts=dict(services=all_services))
+        if incomplete_warning:
+            results['msg'] = "WARNING: Could not find status for all services. Sometimes this is due to insufficient privileges."
+    module.exit_json(**results)
+
+
+main()
--- a/collections/ansible_collections/demo/patching/plugins/modules/win_scan_packages.ps1
+++ b/collections/ansible_collections/demo/patching/plugins/modules/win_scan_packages.ps1
@@ -0,0 +1,66 @@
+#!powershell
+# This file is part of Ansible
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible.  If not, see <http://www.gnu.org/licenses/>.
+
+# WANT_JSON
+# POWERSHELL_COMMON
+
+$uninstall_native_path = "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"
+$uninstall_wow6432_path = "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall"
+
+if ([System.IntPtr]::Size -eq 4) {
+
+    # This is a 32-bit Windows system, so we only check for 32-bit programs, which will be
+    # at the native registry location.
+
+    [PSObject []]$packages = Get-ChildItem -Path $uninstall_native_path |
+        Get-ItemProperty |
+        Select-Object -Property @{Name="name"; Expression={$_."DisplayName"}},
+            @{Name="version"; Expression={$_."DisplayVersion"}},
+            @{Name="publisher"; Expression={$_."Publisher"}},
+            @{Name="arch"; Expression={ "Win32" }} |
+        Where-Object { $_.name }
+
+} else {
+
+    # This is a 64-bit Windows system, so we check for 64-bit programs in the native
+    # registry location, and also for 32-bit programs under Wow6432Node.
+
+    [PSObject []]$packages = Get-ChildItem -Path $uninstall_native_path |
+        Get-ItemProperty |
+        Select-Object -Property @{Name="name"; Expression={$_."DisplayName"}},
+            @{Name="version"; Expression={$_."DisplayVersion"}},
+            @{Name="publisher"; Expression={$_."Publisher"}},
+            @{Name="arch"; Expression={ "Win64" }} |
+        Where-Object { $_.name }
+
+    $packages += Get-ChildItem -Path $uninstall_wow6432_path |
+        Get-ItemProperty |
+        Select-Object -Property @{Name="name"; Expression={$_."DisplayName"}},
+            @{Name="version"; Expression={$_."DisplayVersion"}},
+            @{Name="publisher"; Expression={$_."Publisher"}},
+            @{Name="arch"; Expression={ "Win32" }} |
+        Where-Object { $_.name }
+
+}
+
+$result = New-Object psobject @{
+    ansible_facts = New-Object psobject @{
+        packages = $packages
+    }
+    changed = $false
+}
+
+Exit-Json $result;
--- a/collections/ansible_collections/demo/patching/plugins/modules/win_scan_packages.py
+++ b/collections/ansible_collections/demo/patching/plugins/modules/win_scan_packages.py
@@ -0,0 +1,31 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+
+DOCUMENTATION = '''
+---
+module: win_scan_packages
+short_description: Return Package state information as fact data
+description:
+     - Return Package state information as fact data for various Packages
+'''
+
+EXAMPLES = '''
+- monit: win_scan_packages
+# Example fact output:
+# host | success >> {
+#    "ansible_facts": {
+#	"packages": [
+            {
+                "name": "Mozilla Firefox 76.0.1 (x64 en-US)",
+                "version": "76.0.1",
+                "publisher": "Mozilla",
+                "arch": "Win64"
+            },
+            {
+                "name": "Mozilla Maintenance Service",
+                "version": "76.0.1",
+                "publisher": "Mozilla",
+                "arch": "Win64"
+            },
+#   }
+'''
--- a/collections/ansible_collections/demo/patching/plugins/modules/win_scan_services.ps1
+++ b/collections/ansible_collections/demo/patching/plugins/modules/win_scan_services.ps1
@@ -0,0 +1,30 @@
+#!powershell
+# This file is part of Ansible
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible.  If not, see <http://www.gnu.org/licenses/>.
+
+# WANT_JSON
+# POWERSHELL_COMMON
+
+$result = New-Object psobject @{
+    ansible_facts = New-Object psobject @{
+        services = Get-Service |
+            Select-Object -Property @{Name="name"; Expression={$_."DisplayName"}},
+                @{Name="win_svc_name"; Expression={$_."Name"}},
+                @{Name="state"; Expression={$_."Status".ToString().ToLower()}}
+    }
+    changed = $false
+}
+
+Exit-Json $result;
--- a/collections/ansible_collections/demo/patching/plugins/modules/win_scan_services.py
+++ b/collections/ansible_collections/demo/patching/plugins/modules/win_scan_services.py
@@ -0,0 +1,34 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+
+DOCUMENTATION = '''
+---
+module: win_scan_services
+short_description: Return service state information as fact data
+description:
+     - Return service state information as fact data for various service management utilities
+'''
+
+EXAMPLES = '''
+- monit: win_scan_services
+# Example fact output:
+# host | success >> {
+#    "ansible_facts": {
+#	"services": [
+            {
+                "name": "AllJoyn Router Service",
+                "win_svc_name": "AJRouter",
+                "state": "stopped"
+            },
+            {
+                "name": "Application Layer Gateway Service",
+                "win_svc_name": "ALG",
+                "state": "stopped"
+            },
+            {
+                "name": "Application Host Helper Service",
+                "win_svc_name": "AppHostSvc",
+                "state": "running"
+            },
+#   }
+'''
--- a/collections/ansible_collections/demo/patching/roles/build_report_network/README.md
+++ b/collections/ansible_collections/demo/patching/roles/build_report_network/README.md
@@ -0,0 +1,36 @@
+build_report_network
+========
+
+Installs Apache and creates a report based on facts from network devices
+
+Requirements
+------------
+
+Must run on Apache server
+
+Role Variables / Configuration
+--------------
+
+N/A
+
+Dependencies
+------------
+
+N/A
+
+Example Playbook
+----------------
+
+The role can be used to create an html report on any number of Linux hosts using any number of network devices
+
+
+```
+---
+- hosts: all
+
+  tasks:
+  - name: Run Network Report
+    import_role:
+      name: shadowman.reports.build_report_network
+      
+```
--- a/collections/ansible_collections/demo/patching/roles/build_report_network/example_results/Ansible
+++ b/collections/ansible_collections/demo/patching/roles/build_report_network/example_results/Ansible
--- a/collections/ansible_collections/demo/patching/roles/build_report_network/files/css/main.css
+++ b/collections/ansible_collections/demo/patching/roles/build_report_network/files/css/main.css
@@ -0,0 +1,207 @@
+p.hostname {
+  color: #000000;
+  font-weight: bolder;
+  font-size: large;
+  margin: auto;
+  width: 50%;
+}
+
+#subtable {
+  background: #ebebeb;
+  margin: 0px;
+  width: 100%;
+}
+
+#subtable tbody tr td {
+  padding: 5px 5px 5px 5px;
+}
+
+#subtable thead th {
+  padding: 5px;
+}
+
+* {
+  -moz-box-sizing: border-box;
+  -webkit-box-sizing: border-box;
+  box-sizing: border-box;
+  font-family: "Open Sans", "Helvetica";
+
+}
+
+a {
+  color: #ffffff;
+}
+
+p {
+  color: #ffffff;
+}
+h1 {
+  text-align: center;
+  color: #ffffff;
+}
+
+body {
+  background:#353a40;
+  padding: 0px;
+  margin: 0px;
+  font-family: "Helvetica Neue", Helvetica, Arial, sans-serif;
+}
+
+table {
+  border-collapse: separate;
+  background:#fff;
+  @include border-radius(5px);
+  @include box-shadow(0px 0px 5px rgba(0,0,0,0.3));
+}
+
+.main_net_table {
+  margin:50px auto;
+}
+
+.main_net_table {
+  margin:50px auto;
+}
+
+thead {
+  @include border-radius(5px);
+}
+
+thead th {
+  font-size:16px;
+  font-weight:400;
+  color:#fff;
+  @include text-shadow(1px 1px 0px rgba(0,0,0,0.5));
+  text-align:left;
+  padding:20px;
+  border-top:1px solid #858d99;
+  background: #353a40;
+
+  &:first-child {
+   @include border-top-left-radius(5px);
+  }
+
+  &:last-child {
+    @include border-top-right-radius(5px);
+  }
+}
+
+tbody tr td {
+  font-weight:400;
+  color:#5f6062;
+  font-size:13px;
+  padding:20px 20px 20px 20px;
+  border-bottom:1px solid #e0e0e0;
+
+}
+
+tbody tr:nth-child(2n) {
+  background:#f0f3f5;
+}
+
+tbody tr:last-child td {
+  border-bottom:none;
+  &:first-child {
+    @include border-bottom-left-radius(5px);
+  }
+  &:last-child {
+    @include border-bottom-right-radius(5px);
+  }
+}
+
+td {
+  vertical-align: top;
+}
+
+span.highlight {
+    background-color: yellow;
+}
+
+.expandclass {
+  color: #5f6062;
+}
+
+.content{
+         display:none;
+         margin: 10px;
+}
+
+header {
+  width: 100%;
+  position: initial;
+  float: initial;
+  padding: 0;
+  margin: 0;
+  border-radius: 0;
+  height: 88px;
+  background-color: #171717;
+}
+
+.header-container {
+  margin: 0 auto;
+  width: 100%;
+  height: 100%;
+  max-width: 1170px;
+  padding: 0;
+  float: initial;
+  display: flex;
+  align-items: center;
+}
+
+.header-logo {
+  width: 137px;
+  border: 0;
+  margin: 0;
+  margin-left: 15px;
+}
+
+.header-link {
+  margin-left: 40px;
+  text-decoration: none;
+  cursor: pointer;
+  text-transform: uppercase;
+  font-size: 15px;
+  font-family: 'Red Hat Text';
+  font-weight: 500;
+}
+
+.header-link:hover {
+  text-shadow: 0 0 0.02px white;
+  text-decoration: none;
+}
+
+table.net_info td {
+    padding: 5px;
+}
+
+p.expandclass:hover {
+    text-decoration: underline;
+    color: #EE0000;
+    cursor: pointer;
+}
+
+.summary_info {
+}
+
+.ui-state-active, .ui-widget-content .ui-state-active, .ui-widget-header .ui-state-active, a.ui-button:active, .ui-button:active, .ui-button.ui-state-active:hover {
+    border: 1px solid #5F0000;
+    background: #EE0000;
+}
+
+div#net_content {
+    padding: 0px;
+    height: auto !important;
+}
+
+img.router_image {
+    vertical-align: middle;
+    padding: 0px 10px 10px 10px;
+    width: 50px;
+}
+
+table.net_info {
+    width: 100%;
+}
+
+p.internal_label {
+    color: #000000;
+}
--- a/collections/ansible_collections/demo/patching/roles/build_report_network/files/redhat-ansible-logo.svg
+++ b/collections/ansible_collections/demo/patching/roles/build_report_network/files/redhat-ansible-logo.svg
@@ -0,0 +1,48 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- Generator: Adobe Illustrator 24.0.3, SVG Export Plug-In . SVG Version: 6.00 Build 0)  -->
+<svg version="1.1" id="Logos" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px"
+	 width="930.2px" height="350px" viewBox="0 0 930.2 350" style="enable-background:new 0 0 930.2 350;" xml:space="preserve">
+<style type="text/css">
+	.st0{fill:#FFFFFF;}
+	.st1{fill:#EE0000;}
+</style>
+<title>Logo-Red_Hat-Ansible_Automation_Platform-A-Reverse-RGB</title>
+<path class="st0" d="M383.3,228.5h18.8L446,335.7h-17.5l-12.4-31.4h-48l-12.6,31.4h-16.7L383.3,228.5z M410.9,291l-18.7-47l-18.7,47
+	H410.9z"/>
+<path class="st0" d="M455.2,257.7h15.3v7.8c6.2-6.2,14.7-9.6,23.5-9.3c17.9,0,30.5,12.4,30.5,30.5v49h-15.3v-46.5
+	c0-12.3-7.5-19.8-19.3-19.8c-7.8-0.3-15.1,3.6-19.3,10.1v56.1h-15.3V257.7z"/>
+<path class="st0" d="M543,315.5c8.1,6.4,16.7,9.8,25.4,9.8c11,0,18.7-4.8,18.7-11.7c0-5.5-4-8.7-12.6-10l-14.1-2
+	c-15.5-2.3-23.3-9.5-23.3-21.6c0-14.1,12.3-23.6,30.5-23.6c11.3-0.1,22.3,3.4,31.5,9.9l-7.8,10.1c-8.6-5.7-16.4-8.1-24.7-8.1
+	c-9.3,0-15.6,4.3-15.6,10.6c0,5.7,3.7,8.4,12.9,9.8l14.1,2c15.5,2.3,23.6,9.7,23.6,21.7c0,14-14.1,24.5-32.6,24.5
+	c-13.5,0-25.6-4-34.2-11.5L543,315.5z"/>
+<path class="st0" d="M611.6,235.6c0-5.2,4.1-9.4,9.3-9.5c0,0,0,0,0,0c5.2-0.2,9.7,3.9,9.9,9.1c0.2,5.2-3.9,9.7-9.1,9.9
+	c-0.2,0-0.5,0-0.7,0C615.8,245.1,611.6,240.9,611.6,235.6C611.6,235.7,611.6,235.7,611.6,235.6z M628.6,335.7h-15.3v-78h15.3V335.7z
+	"/>
+<path class="st0" d="M685.5,336.9c-8.5,0-16.8-2.7-23.6-7.8v6.6h-15.2V228.5l15.3-3.4v40c6.6-5.6,15.1-8.7,23.7-8.6
+	c22.1,0,39.4,17.7,39.4,40.1C725.2,319.1,707.9,336.9,685.5,336.9z M662,279.2v35.2c4.9,5.7,13,9.2,21.8,9.2
+	c15,0,26.4-11.5,26.4-26.8c0-15.3-11.5-27-26.4-27C674.9,269.8,667.1,273.2,662,279.2z"/>
+<path class="st0" d="M755,335.7h-15.3V228.5l15.3-3.4V335.7z"/>
+<path class="st0" d="M810.5,337.1c-23,0-40.9-17.7-40.9-40.4c0-22.5,17.2-40.1,39.1-40.1c21.5,0,37.7,17.8,37.7,40.8v4.4h-61.6
+	c2,13,13.2,22.5,26.4,22.4c7.2,0.2,14.2-2.3,19.8-6.8l9.8,9.7C832.1,333.7,821.5,337.4,810.5,337.1z M784.9,290.2h46.3
+	c-2.3-11.9-11.5-20.8-22.8-20.8C796.5,269.4,787.2,277.8,784.9,290.2z"/>
+<path class="st1" d="M202.8,137.5c18.4,0,45.1-3.8,45.1-25.7c0.1-1.7-0.1-3.4-0.5-5l-11-47.7c-2.5-10.5-4.8-15.2-23.2-24.5
+	c-14.3-7.3-45.5-19.4-54.7-19.4c-8.6,0-11.1,11.1-21.3,11.1c-9.8,0-17.1-8.3-26.4-8.3c-8.8,0-14.6,6-19,18.4c0,0-12.4,34.9-14,40
+	c-0.3,0.9-0.4,1.9-0.4,2.9C77.6,92.9,131.1,137.5,202.8,137.5 M250.8,120.7c2.5,12.1,2.5,13.3,2.5,14.9c0,20.6-23.2,32.1-53.7,32.1
+	c-69,0-129.3-40.3-129.3-67c0-3.7,0.8-7.4,2.2-10.8c-24.8,1.3-56.9,5.7-56.9,34c0,46.4,109.9,103.5,196.9,103.5
+	c66.7,0,83.5-30.2,83.5-54C296.1,154.6,279.9,133.4,250.8,120.7"/>
+<path d="M250.7,120.7c2.5,12.1,2.5,13.3,2.5,14.9c0,20.6-23.2,32.1-53.7,32.1c-69,0-129.3-40.3-129.3-67c0-3.7,0.8-7.4,2.2-10.8
+	l5.4-13.3c-0.3,0.9-0.4,1.9-0.4,2.8c0,13.6,53.5,58.1,125.2,58.1c18.4,0,45.1-3.8,45.1-25.7c0.1-1.7-0.1-3.4-0.5-5L250.7,120.7z"/>
+<path class="st0" d="M869.1,151.2c0,17.5,10.5,26,29.7,26c5.9-0.1,11.8-1,17.5-2.5v-20.3c-3.7,1.2-7.5,1.7-11.3,1.7
+	c-7.9,0-10.8-2.5-10.8-9.9v-31.1h22.9V94.2h-22.9V67.7l-25,5.4v21.1h-16.6v20.9h16.6L869.1,151.2z M791,151.7
+	c0-5.4,5.4-8.1,13.6-8.1c5,0,10,0.7,14.9,1.9V156c-4.8,2.6-10.2,3.9-15.6,3.9C795.9,159.9,791.1,156.8,791,151.7 M798.7,177.5
+	c8.8,0,16-1.9,22.6-6.3v5h24.8v-52.5c0-20-13.5-30.9-35.9-30.9c-12.6,0-25,2.9-38.3,9l9,18.4c9.6-4,17.7-6.5,24.8-6.5
+	c10.3,0,15.6,4,15.6,12.2v4c-6.1-1.6-12.3-2.4-18.6-2.3c-21.1,0-33.8,8.8-33.8,24.6C768.9,166.6,780.4,177.6,798.7,177.5
+	 M662.5,176.2h26.7v-42.5h44.6v42.5h26.7V67.7h-26.6v41.7h-44.6V67.7h-26.7L662.5,176.2z M561,135.1c0-11.8,9.3-20.8,21.5-20.8
+	c6.4-0.1,12.6,2.1,17.4,6.4v28.6c-4.7,4.4-10.9,6.7-17.4,6.5C570.5,155.8,561,146.8,561,135.1 M600.2,176.1H625V62.3l-25,5.4v30.8
+	c-6.4-3.6-13.6-5.5-20.9-5.4c-23.9,0-42.6,18.4-42.6,42c-0.3,23,18.1,41.9,41.1,42.2c0.2,0,0.5,0,0.7,0c7.9,0,15.6-2.5,22-7.1V176.1
+	z M486.5,113.2c7.9,0,14.6,5.1,17.2,13h-34.2C471.9,118,478.2,113.2,486.5,113.2 M444.2,135.2c0,23.9,19.5,42.5,44.6,42.5
+	c13.8,0,23.9-3.7,34.3-12.4l-16.6-14.7c-3.9,4-9.6,6.2-16.4,6.2c-8.8,0.2-16.8-4.9-20.2-13h58.4v-6.2c0-26-17.5-44.8-41.4-44.8
+	c-23.2-0.4-42.4,18.2-42.7,41.5C444.2,134.6,444.2,134.9,444.2,135.2 M400.9,90.5c8.8,0,13.8,5.6,13.8,12.2s-5,12.2-13.8,12.2h-26.3
+	V90.5H400.9z M347.9,176.2h26.7v-39.5h20.3l20.5,39.5h29.7l-23.9-43.4c12.4-5,20.5-17.1,20.4-30.5c0-19.5-15.3-34.5-38.3-34.5H348
+	L347.9,176.2z"/>
+</svg>
--- a/collections/ansible_collections/demo/patching/roles/build_report_network/files/router.png
+++ b/collections/ansible_collections/demo/patching/roles/build_report_network/files/router.png
--- a/collections/ansible_collections/demo/patching/roles/build_report_network/files/webpage_logo.png
+++ b/collections/ansible_collections/demo/patching/roles/build_report_network/files/webpage_logo.png
--- a/collections/ansible_collections/demo/patching/roles/build_report_network/tasks/main.yml
+++ b/collections/ansible_collections/demo/patching/roles/build_report_network/tasks/main.yml
@@ -0,0 +1,36 @@
+- name: Create web directory if it does not exist
+  ansible.builtin.file:
+    path: "{{ file_path }}"
+    state: directory
+    mode: "0755"
+
+- name: Create HTML report
+  ansible.builtin.template:
+    src: report.j2
+    dest: "{{ file_path }}/network.html"
+    mode: "0644"
+  check_mode: false
+
+- name: Copy CSS over
+  ansible.builtin.copy:
+    src: "css"
+    dest: "{{ file_path }}"
+    directory_mode: true
+    mode: "0775"
+  check_mode: false
+
+- name: Copy logos over
+  ansible.builtin.copy:
+    src: "{{ item }}"
+    dest: "{{ file_path }}"
+    directory_mode: true
+    mode: "0644"
+  loop:
+    - "webpage_logo.png"
+    - "redhat-ansible-logo.svg"
+    - "router.png"
+  check_mode: false
+
+# - name: Display link to Linux patch report
+#   ansible.builtin.debug:
+#     msg: "Please go to http://{{ hostvars[report_server]['ansible_host'] }}/reports/network.html"
--- a/collections/ansible_collections/demo/patching/roles/build_report_network/templates/ansible.j2
+++ b/collections/ansible_collections/demo/patching/roles/build_report_network/templates/ansible.j2
@@ -0,0 +1,41 @@
+<!-- INTERNAL TABLE FOR Ansible -->
+<div id="accordion">
+<div>
+<h3>Ansible Automation Info</h3>
+<div class="net_content">
+<table class="net_info">
+<tbody>
+  <tr>
+    <td>Ansible user</td>
+    <td class="sub_net_info">{{ hostvars[network_switch]['ansible_user'] }}</td>
+  </tr>
+  <tr>
+    <td>Transport</td>
+    <td class="sub_net_info">{% set ansible_connection = hostvars[network_switch]['ansible_net_api'] %}{{ transport[ansible_connection] }}</td>
+  </tr>
+  <tr>
+    <td>Ansible Mgmt IP</td>
+    <td class="sub_net_info">{{ hostvars[network_switch]['ansible_host'] | default('N/A') }}</td>
+  </tr>
+  <tr>
+    <td>Ansible groups</td>
+    <td class="sub_net_info">{% for group in hostvars[network_switch]['group_names'] %}{{ group }} {% endfor %}</td>
+  </tr>
+  <tr>
+    <td>Ansible core version</td>
+    <td class="sub_net_info">{% for group in hostvars[network_switch]['ansible_version']['string']|default("Unknown") %}{{ group }} {% endfor %}</td>
+  </tr>
+  <tr>
+    <td>Ansible Python</td>
+    <td class="sub_net_info">{{ hostvars[network_switch]['ansible_playbook_python']|default("Unknown") }} </td>
+  </tr>
+  <tr>
+    <td>Python version</td>
+    <td class="sub_net_info">{{ hostvars[network_switch]['ansible_net_python_version']|default("Unknown") }} </td>
+  </tr>
+</tbody>
+</table>
+</div>
+</div>
+</div>
+<!-- END INTERNAL TABLE FOR Ansible -->
--- a/collections/ansible_collections/demo/patching/roles/build_report_network/templates/bgp.j2
+++ b/collections/ansible_collections/demo/patching/roles/build_report_network/templates/bgp.j2
@@ -0,0 +1,52 @@
+<!-- INTERNAL TABLE FOR BGP -->
+<div id="accordion">
+<div>
+<h3>BGP Global Info</h3>
+<div class="net_content">
+{% if hostvars[network_switch]['ansible_network_resources']['bgp_global'] is defined and hostvars[network_switch]['ansible_network_resources']['bgp_global']|length > 0 %}
+<table id="subtable">
+    <thead>
+        <tr>
+            <th>ASN</th>
+            <th>Router ID</th>
+
+        </tr>
+    </thead>
+    <tbody>
+        <tr>
+            <td>{{ hostvars[network_switch].ansible_network_resources.bgp_global['as_number']|default("Not Configured") }}</td>
+            <td>{{ hostvars[network_switch].ansible_network_resources.bgp_global.bgp['router_id']['address']|default("Not Configured") }}</td>
+        </tr>
+    </tbody>
+</table>
+{% if hostvars[network_switch]['ansible_network_resources']['bgp_global'][
+'neighbor'] is defined and hostvars[network_switch]['ansible_network_resources']['bgp_global'][
+'neighbor']|length > 0 %}
+<p class="internal_label">BGP Neighbors</p>
+<table id="subtable">
+    <thead>
+        <tr>
+            <th>Address</th>
+            <th>Remote AS</th>
+
+        </tr>
+    </thead>
+    <tbody>
+    {% for bgp_neighbor in hostvars[network_switch].ansible_network_resources.bgp_global.neighbor %}
+        <tr>
+            <td>{{ bgp_neighbor['address']|default("Not Configured") }}</td>
+            <td>{{ bgp_neighbor['remote_as']|default("Not Configured") }}</td>
+        </tr>
+    {% endfor %}
+    </tbody>
+</table>
+{% endif %}
+{% elif hostvars[network_switch]['ansible_network_resources']['bgp_global'] is defined and hostvars[network_switch]['ansible_network_resources']['bgp_global']|length == 0 %}
+BGP is not configured on this device
+{% else %}
+No BGP information available
+{% endif %}
+</div>
+</div>
+</div>
+<!-- END INTERNAL TABLE FOR BGP -->
--- a/collections/ansible_collections/demo/patching/roles/build_report_network/templates/bgp_address_family.j2
+++ b/collections/ansible_collections/demo/patching/roles/build_report_network/templates/bgp_address_family.j2
@@ -0,0 +1,46 @@
+<!-- INTERNAL TABLE FOR BGP -->
+<div id="accordion">
+<div>
+<h3>BGP Address Family</h3>
+<div class="net_content">
+{% if hostvars[network_switch]['ansible_network_resources']['bgp_address_family']['address_family'] is defined and hostvars[network_switch]['ansible_network_resources']['bgp_address_family']['address_family']|length > 0 %}
+
+{% for address_family in hostvars[network_switch]['ansible_network_resources']['bgp_address_family']['address_family'] %}
+<p class="internal_label">Address Family {{ address_family['afi'] }}</p>
+<table id="subtable">
+    <thead>
+        <tr>
+            <th>Network</th>
+
+        </tr>
+    </thead>
+    <tbody>
+    {% if hostvars[network_switch]['ansible_network_resources']['bgp_address_family']['address_family']['networks'] is defined %}
+    {% for bgp_network in address_family['networks'] %}
+        <tr>
+            <td>{{ bgp_network['prefix']|default("Not Configured") }}</td>
+        </tr>
+    {% endfor %}
+    {% elif hostvars[network_switch]['ansible_network_resources']['bgp_address_family']['address_family']['network'] is defined %}
+    {% for bgp_network in address_family['network'] %}
+        <tr>
+            <td>{{ bgp_network['address']|default("Not Configured") }}</td>
+            <td>{{ bgp_network['mask']|default("Not Configured") }}</td>
+        </tr>
+    {% endfor %}
+    {% else %}
+    No BGP networks information available
+    {% endif %}
+    </tbody>
+</table>
+{% endfor %}
+
+{% elif hostvars[network_switch]['ansible_network_resources']['bgp_address_family']['address_family'] is defined and hostvars[network_switch]['ansible_network_resources']['bgp_address_family']['address_family']|length == 0 %}
+no BGP address-family is not configured on this device
+{% else %}
+No BGP information available
+{% endif %}
+</div>
+</div>
+</div>
+<!-- END INTERNAL TABLE FOR BGP -->
--- a/collections/ansible_collections/demo/patching/roles/build_report_network/templates/header.j2
+++ b/collections/ansible_collections/demo/patching/roles/build_report_network/templates/header.j2
@@ -0,0 +1,13 @@
+  <div class="wrapper">
+    <header>
+      <div class="header-container">
+        <a href="https://ansible.com">
+          <img
+            class="header-logo"
+            src="redhat-ansible-logo.svg"
+            title="Red Hat Ansible"
+            alt="Red Hat Ansible"
+          />
+        </a>
+      </div>
+    </header>
--- a/collections/ansible_collections/demo/patching/roles/build_report_network/templates/interfaces.j2
+++ b/collections/ansible_collections/demo/patching/roles/build_report_network/templates/interfaces.j2
@@ -0,0 +1,39 @@
+<!-- INTERNAL TABLE FOR INTERFACES -->
+<div id="accordion">
+<div>
+<h3>Interfaces - MTU/Duplex/Speed</h3>
+<div class="net_content">
+{% if hostvars[network_switch]['ansible_network_resources']['interfaces'] is defined and hostvars[network_switch]['ansible_network_resources']['interfaces']|length > 0  %}
+<table id="subtable">
+    <thead>
+        <tr>
+            <th>Interface Name</th>
+            <th>Description</th>
+            <th>Duplex</th>
+            <th>Enabled</th>
+            <th>MTU</th>
+            <th>Speed</th>
+        </tr>
+    </thead>
+    <tbody>
+{% for interface in hostvars[network_switch]['ansible_network_resources']['interfaces'] %}
+        <tr>
+            <td>{{interface['name']}}</td>
+            <td>{{interface['description']|default("none")}}</td>
+            <td>{{interface['duplex']|default("default")}}</td>
+            <td>{{interface['enabled']|default("N/A")}}</td>
+            <td>{{interface['mtu']|default("default")}}</td>
+            <td>{{interface['speed']|default("default")}}</td>
+        </tr>
+{% endfor %}
+    </tbody>
+</table>
+{% elif hostvars[network_switch]['ansible_network_resources']['interfaces'] is defined and hostvars[network_switch]['ansible_network_resources']['interfaces']|length == 0 %}
+No interfaces configured on this device
+{% else %}
+No Interface information available
+{% endif %}
+</div>
+</div>
+</div>
+<!-- END INTERNAL TABLE FOR INTERFACES -->
--- a/collections/ansible_collections/demo/patching/roles/build_report_network/templates/l2_interfaces.j2
+++ b/collections/ansible_collections/demo/patching/roles/build_report_network/templates/l2_interfaces.j2
@@ -0,0 +1,37 @@
+<!-- INTERNAL TABLE FOR l2_interfaces -->
+<div id="accordion">
+<div>
+<h3>L2 Interfaces - Trunk/Access Ports</h3>
+<div class="net_content">
+{% if hostvars[network_switch]['ansible_network_resources']['l2_interfaces'] is defined and hostvars[network_switch]['ansible_network_resources']['l2_interfaces']|length > 0 %}
+<table id="subtable">
+    <thead>
+        <tr>
+            <th>Name</th>
+            <th>Mode</th>
+            <th>Access VLAN</th>
+            <th>Trunk Native VLAN</th>
+            <th>Trunk Allowed VLANs</th>
+        </tr>
+    </thead>
+    <tbody>
+{% for l2_interface in hostvars[network_switch]['ansible_network_resources']['l2_interfaces'] %}
+        <tr>
+            <td>{{l2_interface['name']}}</td>
+            <td>{{l2_interface['mode']|default("Not Configured")}}</td>
+            <td>{{l2_interface['access']['vlan']|default("Not Configured")}}</td>
+            <td>{{l2_interface['trunk']['native_vlan']|default("Not Configured")}}</td>
+            <td>{{l2_interface['trunk']['trunk_allowed_vlans']|default("Not Configured")}}</td>
+        </tr>
+{% endfor %}
+    </tbody>
+</table>
+{% elif hostvars[network_switch]['ansible_network_resources']['l2_interfaces'] is defined and hostvars[network_switch]['ansible_network_resources']['l2_interfaces']|length == 0 %}
+L2 information is not configured on this device
+{% else %}
+No L2 information available
+{% endif %}
+</div>
+</div>
+</div>
+<!-- END INTERNAL TABLE FOR l2_interfaces -->
--- a/collections/ansible_collections/demo/patching/roles/build_report_network/templates/l3_interfaces.j2
+++ b/collections/ansible_collections/demo/patching/roles/build_report_network/templates/l3_interfaces.j2
@@ -0,0 +1,54 @@
+<!-- INTERNAL TABLE FOR L3_INTERFACES -->
+<div id="accordion">
+<div>
+<h3>L3 Interfaces - IP Addresses</h3>
+<div class="net_content">
+{% if hostvars[network_switch]['ansible_network_resources']['l3_interfaces'] is defined and hostvars[network_switch]['ansible_network_resources']['l3_interfaces']|length > 0 %}
+<table id="subtable">
+    <thead>
+        <tr>
+            <th>Interface Name</th>
+            <th>IPv4</th>
+            <th>IPv6</th>
+        </tr>
+    </thead>
+    <tbody>
+{% for interface in hostvars[network_switch]['ansible_network_resources']['l3_interfaces'] %}
+        <tr>
+            <td>{{interface['name']}}</td>
+<!-- INTERNAL IPv4 LOOP FOR L3_INTERFACES -->
+            <td>
+{% if interface.ipv4 is defined %}
+{% for address in interface.ipv4 %}
+{{ address['address']|default("Not Configured") }}
+{% if address['secondary'] is defined %}
+secondary
+{% endif %}
+{% if loop.length > 1 and not loop.last %}<br>{% endif %}
+{% endfor %}
+{% endif %}
+            </td>
+<!-- END IPv4 INTERNAL LOOP FOR L3_INTERFACES -->
+<!-- INTERNAL IPv6 LOOP FOR L3_INTERFACES -->
+            <td>
+{% if interface.ipv6 is defined %}
+{% for v6address in interface.ipv6 %}
+{{v6address['address']|default("Not Configured") }}
+{% if loop.length > 1 and not loop.last %}<br>{% endif %}
+{% endfor %}
+{% endif %}
+            </td>
+<!-- END INTERNAL LOOP FOR L3_INTERFACES -->
+        </tr>
+{% endfor %}
+    </tbody>
+</table>
+{% elif hostvars[network_switch]['ansible_network_resources']['l3_interfaces'] is defined and hostvars[network_switch]['ansible_network_resources']['l3_interfaces']|length == 0 %}
+L3 information is not configured on this device
+{% else %}
+No L3 information available
+{% endif %}
+</div>
+</div>
+</div>
+<!-- END INTERNAL TABLE FOR L3_INTERFACES -->
--- a/collections/ansible_collections/demo/patching/roles/build_report_network/templates/lacp.j2
+++ b/collections/ansible_collections/demo/patching/roles/build_report_network/templates/lacp.j2
@@ -0,0 +1,29 @@
+<!-- INTERNAL TABLE FOR LACP -->
+<div id="accordion">
+<div>
+<h3>LACP</h3>
+<div class="net_content">
+{% if hostvars[network_switch]['ansible_network_resources']['lacp'] is defined and hostvars[network_switch]['ansible_network_resources']['lacp'].keys()|length > 0  %}
+<table id="subtable">
+    <thead>
+        <tr>
+            <th>System Priority</th>
+        </tr>
+    </thead>
+    <tbody>
+{% for property in hostvars[network_switch]['ansible_network_resources']['lacp'] %}
+        <tr>
+            <td>{% if property['system'] is defined %} }{{property['system']['priority']}}{% else %}LACP not configured {% endif %}</td>
+        </tr>
+{% endfor %}
+    </tbody>
+</table>
+{% elif hostvars[network_switch]['ansible_network_resources']['lacp'] is defined and hostvars[network_switch]['ansible_network_resources']['lacp'].keys()|length == 0 %}
+LACP is not configured on this device
+{% else %}
+No LACP information available
+{% endif %}
+</div>
+</div>
+</div>
+<!-- END INTERNAL TABLE FOR LACP -->
--- a/collections/ansible_collections/demo/patching/roles/build_report_network/templates/lldp_interfaces.j2
+++ b/collections/ansible_collections/demo/patching/roles/build_report_network/templates/lldp_interfaces.j2
@@ -0,0 +1,31 @@
+<!-- INTERNAL TABLE FOR lldp_interfaces -->
+<div id="accordion">
+<div>
+<h3>LLDP Interfaces</h3>
+<div class="net_content">
+{% if hostvars[network_switch]['ansible_network_resources']['lldp_interfaces'] is defined %}
+<table id="subtable">
+    <thead>
+        <tr>
+            <th>vlan_id</th>
+            <th>Name</th>
+            <th>state</th>
+        </tr>
+    </thead>
+    <tbody>
+{% for interface in hostvars[network_switch]['ansible_network_resources']['lldp_interfaces'] %}
+        <tr>
+            <td>{{interface['name']}}</td>
+            <td>{{interface['receive']|default("Not Configured")}}</td>
+            <td>{{interface['transmit']|default("Not Configured")}}</td>
+        </tr>
+{% endfor %}
+    </tbody>
+</table>
+{% else %}
+No LLDP information available
+{% endif %}
+</div>
+</div>
+</div>
+<!-- END INTERNAL TABLE FOR lldp_interfaces -->
--- a/collections/ansible_collections/demo/patching/roles/build_report_network/templates/ospf.j2
+++ b/collections/ansible_collections/demo/patching/roles/build_report_network/templates/ospf.j2
@@ -0,0 +1,31 @@
+<!-- INTERNAL TABLE FOR OSPF -->
+<div id="accordion">
+<div>
+<h3>OSPF Global Info</h3>
+<div class="net_content">
+{% if hostvars[network_switch]['ansible_network_resources']['ospfv2'] is defined and hostvars[network_switch]['ansible_network_resources']['ospfv2']|length > 0 %}
+<table id="subtable">
+    <thead>
+        <tr>
+            <th>Process ID</th>
+            <th>Router ID</th>
+        </tr>
+    </thead>
+    <tbody>
+{% for key,value in hostvars[network_switch]['ansible_network_resources']['ospfv2'].items() %}
+        <tr>
+            <td>{{ value[0].process_id }}</td>
+            <td>{{ value[0].router_id|default("Not Configured") }}</td>
+        </tr>
+{% endfor %}
+    </tbody>
+</table>
+{% elif hostvars[network_switch]['ansible_network_resources']['ospfv2'] is defined and hostvars[network_switch]['ansible_network_resources']['ospfv2']|length == 0 %}
+OSPF is not configured on this device
+{% else %}
+No OSPF information available
+{% endif %}
+</div>
+</div>
+</div>
+<!-- END INTERNAL TABLE FOR OSPF -->
--- a/collections/ansible_collections/demo/patching/roles/build_report_network/templates/report.j2
+++ b/collections/ansible_collections/demo/patching/roles/build_report_network/templates/report.j2
@@ -0,0 +1,105 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>Network Automation Report</title>
+  <link rel="stylesheet" type="text/css" href="//fonts.googleapis.com/css?family=Open+Sans" />
+  <link rel="stylesheet" href="//code.jquery.com/ui/1.12.1/themes/base/jquery-ui.css">
+  <link rel="stylesheet" href="css/main.css">
+  <script src="https://code.jquery.com/jquery-1.12.4.js"></script>
+  <script src="https://code.jquery.com/ui/1.12.1/jquery-ui.js"></script>
+<script>
+$(function() {
+$( "#accordion > div" ).accordion({
+    header: "h3",
+    active: false,
+collapsible: true
+});
+});
+</script>
+</head>
+<body>
+  {% include 'header.j2' %}
+<section>
+<center>
+<h1>Ansible Network Automation Example Report</h1>
+</center>
+<table class="main_net_table">
+    <thead>
+        <tr>
+            <th>Network Device</th>
+            <th>Layer 1</th>
+            <th>Layer 2</th>
+            <th>Layer 3</th>
+        </tr>
+    </thead>
+    <tbody>
+{% for network_switch in groups['routers']|sort %}
+{% if hostvars[network_switch].ansible_facts.network_resources is defined %}
+        <tr>
+            <td class="summary_info">
+              <div id="hostname">
+              <p class="hostname"><img class="router_image" src="router.png" alt="picture of network device">{{ hostvars[network_switch].ansible_net_hostname }}</p>
+            </div>
+              <div id="net_info_div">
+              <table class="net_info">
+              <tbody>
+                <tr>
+                  <td>Platform</td>
+                  <td class="sub_net_info">{% set ansible_network_os = hostvars[network_switch]['ansible_net_system'] %}{{ vendor[ansible_network_os]}} {{hostvars[network_switch]['ansible_net_system'] }}</td>
+                </tr>
+                <tr>
+                  <td>Code Version</td>
+                  <td class="sub_net_info">{{ hostvars[network_switch]['ansible_net_version'] }}</td>
+                </tr>
+                <tr>
+                  <td>Model</td>
+                  <td class="sub_net_info">{{ hostvars[network_switch]['ansible_net_model'] }}</td>
+                </tr>
+                <tr>
+                  <td>Serial Number</td>
+                  <td class="sub_net_info">{{ hostvars[network_switch]['ansible_net_serialnum'] | default('N/A') }}</td>
+                </tr>
+              </tbody>
+              </table>
+
+
+            {% include 'ansible.j2' %}
+          </div>
+
+
+
+            </td>
+
+            <td>
+            {% include 'interfaces.j2' %}
+            </td>
+            <td>
+            {% include 'vlans.j2' %}
+            {% include 'lldp_interfaces.j2' %}
+            {% include 'l2_interfaces.j2' %}
+            </td>
+            <td>
+            {% include 'l3_interfaces.j2' %}
+            {% include 'lacp.j2' %}
+            {% include 'static.j2' %}
+            {% include 'bgp.j2' %}
+            {% include 'bgp_address_family.j2' %}
+            {% include 'ospf.j2' %}
+            </td>
+        </tr>
+{% endif %}
+{% endfor %}
+    </tbody>
+</table>
+<center><p>Created with</p><br><img src="webpage_logo.png" width="300" alt="red hat ansible automation platform logo">
+<p>The source code to create this report can be found at <a href="https://github.com/network-automation/toolkit">https://github.com/network-automation/toolkit</a><br><br>
+If you are new to Ansible Automation check out the following links:<br>
+<a href="https://docs.ansible.com/ansible/latest/user_guide/intro_getting_started.html">Getting Started</a><br>
+<a target="_blank" href="https://ansible.com/workshops">Free hands-on workshops</a><br>
+<a href="https://youtube.com/ansibleautomation">Youtube Videos</a><br>
+</p>
+</center>
+</section>
+</div>
+</body>
+</html>
--- a/collections/ansible_collections/demo/patching/roles/build_report_network/templates/static.j2
+++ b/collections/ansible_collections/demo/patching/roles/build_report_network/templates/static.j2
@@ -0,0 +1,45 @@
+<!-- INTERNAL TABLE FOR Static Routes -->
+<div id="accordion">
+<div>
+<h3>Static Routes</h3>
+<div class="net_content">
+{% if hostvars[network_switch]['ansible_network_resources']['static_routes'] is defined and hostvars[network_switch]['ansible_network_resources']['static_routes']|length > 0 %}
+<table id="subtable">
+    <thead>
+        <tr>
+            <th>VRF</th>
+            <th>Address-Family</th>
+            <th>Route</th>
+            <th>Interface</th>
+            <th>Next-Hop Address</th>
+            <th>Global</th>
+        </tr>
+    </thead>
+    <tbody>
+{% for net_route in hostvars[network_switch]['ansible_network_resources']['static_routes'] %}
+<tr>
+    <td>{{ net_route['vrf']|default("N/A") }}</td>
+{% for address_family in net_route.address_families|default([]) %}
+<td>{{ address_family['afi'] }}</td>
+{% for routes in address_family['routes'] %}
+<td>{{ routes['dest'] }}</td>
+{% for next_hops in routes['next_hops'] %}
+<td>{{ next_hops['interface']|default("N/A") }}</td>
+<td>{{ next_hops['forward_router_address']|default("N/A") }}</td>
+<td>{{ next_hops['global']|default("N/A") }}</td>
+{% endfor %}
+{% endfor %}
+{% endfor %}
+        </tr>
+{% endfor %}
+    </tbody>
+</table>
+{% elif hostvars[network_switch]['ansible_network_resources']['static_routes'] is defined and hostvars[network_switch]['ansible_network_resources']['static_routes']|length == 0 %}
+Static Routes are not configured on this device
+{% else %}
+No Static Route information available
+{% endif %}
+</div>
+</div>
+</div>
+<!-- END INTERNAL TABLE FOR Static Routes -->
--- a/collections/ansible_collections/demo/patching/roles/build_report_network/templates/vlans.j2
+++ b/collections/ansible_collections/demo/patching/roles/build_report_network/templates/vlans.j2
@@ -0,0 +1,33 @@
+<!-- INTERNAL TABLE FOR VLANS -->
+<div id="accordion">
+<div>
+<h3>VLANs</h3>
+<div class="net_content">
+{% if hostvars[network_switch]['ansible_network_resources']['vlans'] is defined and hostvars[network_switch]['ansible_network_resources']['vlans']|length > 0 %}
+<table id="subtable">
+    <thead>
+        <tr>
+            <th>vlan_id</th>
+            <th>Name</th>
+            <th>state</th>
+        </tr>
+    </thead>
+    <tbody>
+{% for vlan in hostvars[network_switch]['ansible_network_resources']['vlans'] %}
+        <tr>
+            <td>{{vlan['vlan_id']}}</td>
+            <td>{{vlan['name']|default("none")}}</td>
+            <td>{{vlan['state']|default("default")}}</td>
+        </tr>
+{% endfor %}
+    </tbody>
+</table>
+{% elif hostvars[network_switch]['ansible_network_resources']['vlans'] is defined and hostvars[network_switch]['ansible_network_resources']['vlans']|length == 0 %}
+VLANs are not configured on this device
+{% else %}
+No VLAN information available
+{% endif %}
+</div>
+</div>
+</div>
+<!-- END INTERNAL TABLE FOR VLANS -->
--- a/collections/ansible_collections/demo/patching/roles/build_report_network/vars/main.yml
+++ b/collections/ansible_collections/demo/patching/roles/build_report_network/vars/main.yml
@@ -0,0 +1,11 @@
+file_path: "{{ web_path | default('/var/www/html/reports') }}"
+vendor:
+  ios: &my_value 'Cisco'
+  nxos: *my_value
+  iosxr: *my_value
+  junos: "Juniper"
+  eos: "Arista"
+transport:
+  cliconf: "Network_CLI"
+  netconf: "NETCONF"
+  nxapi: "NX-API"
--- a/collections/ansible_collections/demo/patching/roles/build_report_windows/README.md
+++ b/collections/ansible_collections/demo/patching/roles/build_report_windows/README.md
@@ -0,0 +1,36 @@
+build_report_windows
+========
+
+Installs Apache and creates a report based on facts from Windows services and packages modules
+
+Requirements
+------------
+
+Must run on Apache server
+
+Role Variables / Configuration
+--------------
+
+N/A
+
+Dependencies
+------------
+
+N/A
+
+Example Playbook
+----------------
+
+The role can be used to create an html report on any number of Linux hosts using any number of Windows servers about their services and packages installed
+
+
+```
+---
+- hosts: all
+
+  tasks:
+  - name: Run Windows Report
+    import_role:
+      name: shadowman.reports.build_report_windows
+      
+```
--- a/collections/ansible_collections/demo/patching/roles/build_report_windows/defaults/main.yml
+++ b/collections/ansible_collections/demo/patching/roles/build_report_windows/defaults/main.yml
@@ -0,0 +1,2 @@
+---
+detailedreport: true
--- a/collections/ansible_collections/demo/patching/roles/build_report_windows/example_results/Ansible
+++ b/collections/ansible_collections/demo/patching/roles/build_report_windows/example_results/Ansible
--- a/collections/ansible_collections/demo/patching/roles/build_report_windows/files/css/new.css
+++ b/collections/ansible_collections/demo/patching/roles/build_report_windows/files/css/new.css
@@ -0,0 +1,202 @@
+p.hostname {
+    color: #000000;
+    font-weight: bolder;
+    font-size: large;
+    margin: auto;
+    width: 50%;
+  }
+  
+  #subtable {
+    background: #ebebeb;
+    margin: 0px;
+    width: 100%;
+  }
+  
+  #subtable tbody tr td {
+    padding: 5px 5px 5px 5px;
+  }
+  
+  #subtable thead th {
+    padding: 5px;
+  }
+  
+  * {
+    -moz-box-sizing: border-box;
+    -webkit-box-sizing: border-box;
+    box-sizing: border-box;
+    font-family: "Open Sans", "Helvetica";
+  
+  }
+  
+  a {
+    color: #ffffff;
+  }
+  
+  p {
+    color: #ffffff;
+  }
+  h1 {
+    text-align: center;
+    color: #ffffff;
+  }
+  
+  body {
+    background:#353a40;
+    padding: 0px;
+    margin: 0px;
+    font-family: "Helvetica Neue", Helvetica, Arial, sans-serif;
+  }
+  
+  table {
+    border-collapse: separate;
+    background:#fff;
+    @include border-radius(5px);
+    @include box-shadow(0px 0px 5px rgba(0,0,0,0.3));
+  }
+
+  .main_net_table {
+    margin:50px auto;
+  }
+  
+  thead {
+    @include border-radius(5px);
+  }
+  
+  thead th {
+    font-size:16px;
+    font-weight:400;
+    color:#fff;
+    @include text-shadow(1px 1px 0px rgba(0,0,0,0.5));
+    text-align:left;
+    padding:20px;
+    border-top:1px solid #858d99;
+    background: #353a40;
+  
+    &:first-child {
+     @include border-top-left-radius(5px);
+    }
+  
+    &:last-child {
+      @include border-top-right-radius(5px);
+    }
+  }
+  
+  tbody tr td {
+    font-weight:400;
+    color:#5f6062;
+    font-size:13px;
+    padding:20px 20px 20px 20px;
+    border-bottom:1px solid #e0e0e0;
+  }
+  
+  tbody tr:nth-child(2n) {
+    background:#f0f3f5;
+  }
+  
+  tbody tr:last-child td {
+    border-bottom:none;
+    &:first-child {
+      @include border-bottom-left-radius(5px);
+    }
+    &:last-child {
+      @include border-bottom-right-radius(5px);
+    }
+  }
+  
+  td {
+    vertical-align: top;
+  }
+
+  span.highlight {
+      background-color: yellow;
+  }
+  
+  .expandclass {
+    color: #5f6062;
+  }
+  
+  .content{
+           display:none;
+           margin: 10px;
+  }
+  
+  header {
+    width: 100%;
+    position: initial;
+    float: initial;
+    padding: 0;
+    margin: 0;
+    border-radius: 0;
+    height: 88px;
+    background-color: #171717;
+  }
+  
+  .header-container {
+    margin: 0 auto;
+    width: 100%;
+    height: 100%;
+    max-width: 1170px;
+    padding: 0;
+    float: initial;
+    display: flex;
+    align-items: center;
+  }
+  
+  .header-logo {
+    width: 137px;
+    border: 0;
+    margin: 0;
+    margin-left: 15px;
+  }
+  
+  .header-link {
+    margin-left: 40px;
+    text-decoration: none;
+    cursor: pointer;
+    text-transform: uppercase;
+    font-size: 15px;
+    font-family: 'Red Hat Text';
+    font-weight: 500;
+  }
+  
+  .header-link:hover {
+    text-shadow: 0 0 0.02px white;
+    text-decoration: none;
+  }
+  
+  table.net_info td {
+    padding: 5px;
+}
+
+p.expandclass:hover {
+    text-decoration: underline;
+    color: #EE0000;
+    cursor: pointer;
+}
+
+.summary_info {
+}
+
+.ui-state-active, .ui-widget-content .ui-state-active, .ui-widget-header .ui-state-active, a.ui-button:active, .ui-button:active, .ui-button.ui-state-active:hover {
+    border: 1px solid #5F0000;
+    background: #EE0000;
+}
+
+div#net_content {
+    padding: 0px;
+    height: auto !important;
+}
+
+img.router_image {
+    vertical-align: middle;
+    padding: 0px 10px 10px 10px;
+    width: 50px;
+}
+
+table.net_info {
+    width: 100%;
+}
+
+p.internal_label {
+    color: #000000;
+}
--- a/collections/ansible_collections/demo/patching/roles/build_report_windows/files/redhat-ansible-logo.svg
+++ b/collections/ansible_collections/demo/patching/roles/build_report_windows/files/redhat-ansible-logo.svg
@@ -0,0 +1,48 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- Generator: Adobe Illustrator 24.0.3, SVG Export Plug-In . SVG Version: 6.00 Build 0)  -->
+<svg version="1.1" id="Logos" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px"
+	 width="930.2px" height="350px" viewBox="0 0 930.2 350" style="enable-background:new 0 0 930.2 350;" xml:space="preserve">
+<style type="text/css">
+	.st0{fill:#FFFFFF;}
+	.st1{fill:#EE0000;}
+</style>
+<title>Logo-Red_Hat-Ansible_Automation_Platform-A-Reverse-RGB</title>
+<path class="st0" d="M383.3,228.5h18.8L446,335.7h-17.5l-12.4-31.4h-48l-12.6,31.4h-16.7L383.3,228.5z M410.9,291l-18.7-47l-18.7,47
+	H410.9z"/>
+<path class="st0" d="M455.2,257.7h15.3v7.8c6.2-6.2,14.7-9.6,23.5-9.3c17.9,0,30.5,12.4,30.5,30.5v49h-15.3v-46.5
+	c0-12.3-7.5-19.8-19.3-19.8c-7.8-0.3-15.1,3.6-19.3,10.1v56.1h-15.3V257.7z"/>
+<path class="st0" d="M543,315.5c8.1,6.4,16.7,9.8,25.4,9.8c11,0,18.7-4.8,18.7-11.7c0-5.5-4-8.7-12.6-10l-14.1-2
+	c-15.5-2.3-23.3-9.5-23.3-21.6c0-14.1,12.3-23.6,30.5-23.6c11.3-0.1,22.3,3.4,31.5,9.9l-7.8,10.1c-8.6-5.7-16.4-8.1-24.7-8.1
+	c-9.3,0-15.6,4.3-15.6,10.6c0,5.7,3.7,8.4,12.9,9.8l14.1,2c15.5,2.3,23.6,9.7,23.6,21.7c0,14-14.1,24.5-32.6,24.5
+	c-13.5,0-25.6-4-34.2-11.5L543,315.5z"/>
+<path class="st0" d="M611.6,235.6c0-5.2,4.1-9.4,9.3-9.5c0,0,0,0,0,0c5.2-0.2,9.7,3.9,9.9,9.1c0.2,5.2-3.9,9.7-9.1,9.9
+	c-0.2,0-0.5,0-0.7,0C615.8,245.1,611.6,240.9,611.6,235.6C611.6,235.7,611.6,235.7,611.6,235.6z M628.6,335.7h-15.3v-78h15.3V335.7z
+	"/>
+<path class="st0" d="M685.5,336.9c-8.5,0-16.8-2.7-23.6-7.8v6.6h-15.2V228.5l15.3-3.4v40c6.6-5.6,15.1-8.7,23.7-8.6
+	c22.1,0,39.4,17.7,39.4,40.1C725.2,319.1,707.9,336.9,685.5,336.9z M662,279.2v35.2c4.9,5.7,13,9.2,21.8,9.2
+	c15,0,26.4-11.5,26.4-26.8c0-15.3-11.5-27-26.4-27C674.9,269.8,667.1,273.2,662,279.2z"/>
+<path class="st0" d="M755,335.7h-15.3V228.5l15.3-3.4V335.7z"/>
+<path class="st0" d="M810.5,337.1c-23,0-40.9-17.7-40.9-40.4c0-22.5,17.2-40.1,39.1-40.1c21.5,0,37.7,17.8,37.7,40.8v4.4h-61.6
+	c2,13,13.2,22.5,26.4,22.4c7.2,0.2,14.2-2.3,19.8-6.8l9.8,9.7C832.1,333.7,821.5,337.4,810.5,337.1z M784.9,290.2h46.3
+	c-2.3-11.9-11.5-20.8-22.8-20.8C796.5,269.4,787.2,277.8,784.9,290.2z"/>
+<path class="st1" d="M202.8,137.5c18.4,0,45.1-3.8,45.1-25.7c0.1-1.7-0.1-3.4-0.5-5l-11-47.7c-2.5-10.5-4.8-15.2-23.2-24.5
+	c-14.3-7.3-45.5-19.4-54.7-19.4c-8.6,0-11.1,11.1-21.3,11.1c-9.8,0-17.1-8.3-26.4-8.3c-8.8,0-14.6,6-19,18.4c0,0-12.4,34.9-14,40
+	c-0.3,0.9-0.4,1.9-0.4,2.9C77.6,92.9,131.1,137.5,202.8,137.5 M250.8,120.7c2.5,12.1,2.5,13.3,2.5,14.9c0,20.6-23.2,32.1-53.7,32.1
+	c-69,0-129.3-40.3-129.3-67c0-3.7,0.8-7.4,2.2-10.8c-24.8,1.3-56.9,5.7-56.9,34c0,46.4,109.9,103.5,196.9,103.5
+	c66.7,0,83.5-30.2,83.5-54C296.1,154.6,279.9,133.4,250.8,120.7"/>
+<path d="M250.7,120.7c2.5,12.1,2.5,13.3,2.5,14.9c0,20.6-23.2,32.1-53.7,32.1c-69,0-129.3-40.3-129.3-67c0-3.7,0.8-7.4,2.2-10.8
+	l5.4-13.3c-0.3,0.9-0.4,1.9-0.4,2.8c0,13.6,53.5,58.1,125.2,58.1c18.4,0,45.1-3.8,45.1-25.7c0.1-1.7-0.1-3.4-0.5-5L250.7,120.7z"/>
+<path class="st0" d="M869.1,151.2c0,17.5,10.5,26,29.7,26c5.9-0.1,11.8-1,17.5-2.5v-20.3c-3.7,1.2-7.5,1.7-11.3,1.7
+	c-7.9,0-10.8-2.5-10.8-9.9v-31.1h22.9V94.2h-22.9V67.7l-25,5.4v21.1h-16.6v20.9h16.6L869.1,151.2z M791,151.7
+	c0-5.4,5.4-8.1,13.6-8.1c5,0,10,0.7,14.9,1.9V156c-4.8,2.6-10.2,3.9-15.6,3.9C795.9,159.9,791.1,156.8,791,151.7 M798.7,177.5
+	c8.8,0,16-1.9,22.6-6.3v5h24.8v-52.5c0-20-13.5-30.9-35.9-30.9c-12.6,0-25,2.9-38.3,9l9,18.4c9.6-4,17.7-6.5,24.8-6.5
+	c10.3,0,15.6,4,15.6,12.2v4c-6.1-1.6-12.3-2.4-18.6-2.3c-21.1,0-33.8,8.8-33.8,24.6C768.9,166.6,780.4,177.6,798.7,177.5
+	 M662.5,176.2h26.7v-42.5h44.6v42.5h26.7V67.7h-26.6v41.7h-44.6V67.7h-26.7L662.5,176.2z M561,135.1c0-11.8,9.3-20.8,21.5-20.8
+	c6.4-0.1,12.6,2.1,17.4,6.4v28.6c-4.7,4.4-10.9,6.7-17.4,6.5C570.5,155.8,561,146.8,561,135.1 M600.2,176.1H625V62.3l-25,5.4v30.8
+	c-6.4-3.6-13.6-5.5-20.9-5.4c-23.9,0-42.6,18.4-42.6,42c-0.3,23,18.1,41.9,41.1,42.2c0.2,0,0.5,0,0.7,0c7.9,0,15.6-2.5,22-7.1V176.1
+	z M486.5,113.2c7.9,0,14.6,5.1,17.2,13h-34.2C471.9,118,478.2,113.2,486.5,113.2 M444.2,135.2c0,23.9,19.5,42.5,44.6,42.5
+	c13.8,0,23.9-3.7,34.3-12.4l-16.6-14.7c-3.9,4-9.6,6.2-16.4,6.2c-8.8,0.2-16.8-4.9-20.2-13h58.4v-6.2c0-26-17.5-44.8-41.4-44.8
+	c-23.2-0.4-42.4,18.2-42.7,41.5C444.2,134.6,444.2,134.9,444.2,135.2 M400.9,90.5c8.8,0,13.8,5.6,13.8,12.2s-5,12.2-13.8,12.2h-26.3
+	V90.5H400.9z M347.9,176.2h26.7v-39.5h20.3l20.5,39.5h29.7l-23.9-43.4c12.4-5,20.5-17.1,20.4-30.5c0-19.5-15.3-34.5-38.3-34.5H348
+	L347.9,176.2z"/>
+</svg>
--- a/collections/ansible_collections/demo/patching/roles/build_report_windows/files/server.png
+++ b/collections/ansible_collections/demo/patching/roles/build_report_windows/files/server.png
--- a/collections/ansible_collections/demo/patching/roles/build_report_windows/files/webpage_logo.png
+++ b/collections/ansible_collections/demo/patching/roles/build_report_windows/files/webpage_logo.png
--- a/collections/ansible_collections/demo/patching/roles/build_report_windows/tasks/main.yml
+++ b/collections/ansible_collections/demo/patching/roles/build_report_windows/tasks/main.yml
@@ -0,0 +1,27 @@
+- name: Create HTML report
+  ansible.builtin.template:
+    src: report.j2
+    dest: "{{ file_path }}/windows.html"
+    mode: "0644"
+
+- name: Copy CSS over
+  ansible.builtin.copy:
+    src: "css"
+    dest: "{{ file_path }}"
+    directory_mode: true
+    mode: "0755"
+
+- name: Copy logos over
+  ansible.builtin.copy:
+    src: "{{ item }}"
+    dest: "{{ file_path }}"
+    directory_mode: true
+    mode: "0644"
+  loop:
+    - "webpage_logo.png"
+    - "redhat-ansible-logo.svg"
+    - "server.png"
+
+- name: Display link to inventory report
+  ansible.builtin.debug:
+    msg: "Please go to http://{{ ansible_host }}/windows.html"
--- a/collections/ansible_collections/demo/patching/roles/build_report_windows/templates/header.j2
+++ b/collections/ansible_collections/demo/patching/roles/build_report_windows/templates/header.j2
@@ -0,0 +1,15 @@
+
+   
+  <div class="wrapper">
+    <header>
+      <div class="header-container">
+        <a href="https://ansible.com">
+          <img
+            class="header-logo"
+            src="redhat-ansible-logo.svg"
+            title="Red Hat Ansible"
+            alt="Red Hat Ansible"
+          />
+        </a>
+      </div>
+    </header>
--- a/collections/ansible_collections/demo/patching/roles/build_report_windows/templates/packages.j2
+++ b/collections/ansible_collections/demo/patching/roles/build_report_windows/templates/packages.j2
@@ -0,0 +1,29 @@
+<!–– INTERNAL TABLE FOR PACKAGES --!>
+<div id="accordion">
+<div class="ui-accordion ui-widget ui-helper-reset" role="tablist">
+<h3 class="ui-accordion-header ui-corner-top ui-state-default ui-accordion-icons ui-accordion-header-collapsed ui-corner-all" role="tab" id="ui-id-3" aria-controls="ui-id-4" aria-selected="false" aria-expanded="false" tabindex="0">Package Facts</h3>
+<div class="net_content ui-accordion-content ui-corner-bottom ui-helper-reset ui-widget-content" id="ui-id-4" aria-labelledby="ui-id-3" role="tabpanel" aria-hidden="true" style="display: none; height: 194px;">
+<table id="subtable" class="sortable">
+    <thead>
+        <tr>
+            <th>Package Name</th>
+            <th>Version</th>
+            <th>Publisher</th>
+        </tr>
+    </thead>
+    <tbody>
+    {% if hostvars[windows_host]['packages'] is defined %}
+    {% for package in hostvars[windows_host]['packages'] %}
+        <tr>
+            <td>{{package['name']}}</td>
+            <td>{{package['version']}}</td>
+            <td>{{package['publisher']}}</td>
+        </tr>
+    {% endfor %}
+    {% endif %}
+    </tbody>
+</table>
+</div>
+</div>
+</div>
+<!–– END INTERNAL TABLE FOR PACKAGES --!>
--- a/collections/ansible_collections/demo/patching/roles/build_report_windows/templates/report.j2
+++ b/collections/ansible_collections/demo/patching/roles/build_report_windows/templates/report.j2
@@ -0,0 +1,101 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title> Ansible Windows Automation Report </title>
+  <link rel="stylesheet" type="text/css" href="//fonts.googleapis.com/css?family=Open+Sans" />
+  <link rel="stylesheet" href="//code.jquery.com/ui/1.12.1/themes/base/jquery-ui.css">
+  <link rel="stylesheet" href="css/new.css">
+<script src="https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js"></script>
+<script src="https://code.jquery.com/jquery-1.12.4.js"></script>
+<script src="https://code.jquery.com/ui/1.12.1/jquery-ui.js"></script>
+<script src="https://www.kryogenix.org/code/browser/sorttable/sorttable.js"></script>
+<script>
+$(function() {
+$( "#accordion > div" ).accordion({
+    header: "h3",
+    active: false,
+collapsible: true
+});
+});
+</script>
+<script>
+        (function(document) {
+            'use strict';
+
+            var TableFilter = (function(myArray) {
+                var search_input;
+
+                function _onInputSearch(e) {
+                    search_input = e.target;
+                    var tables = document.getElementsByClassName(search_input.getAttribute('data-table'));
+                    myArray.forEach.call(tables, function(table) {
+                        myArray.forEach.call(table.tBodies, function(tbody) {
+                            myArray.forEach.call(tbody.rows, function(row) {
+                                var text_content = row.textContent.toLowerCase();
+                                var search_val = search_input.value.toLowerCase();
+                                row.style.display = text_content.indexOf(search_val) > -1 ? '' : 'none';
+                            });
+                        });
+                    });
+                }
+
+                return {
+                    init: function() {
+                        var inputs = document.getElementsByClassName('search-input');
+                        myArray.forEach.call(inputs, function(input) {
+                            input.oninput = _onInputSearch;
+                        });
+                    }
+                };
+            })(Array.prototype);
+
+            document.addEventListener('readystatechange', function() {
+                if (document.readyState === 'complete') {
+                    TableFilter.init();
+                }
+            });
+
+        })(document);
+    </script>
+</head>
+<body>
+<div class="wrapper">
+  {% include 'header.j2' %}
+<section>
+<center>
+<h1>Ansible Windows Automation Report</h1>
+<h3><input type="search" placeholder="Search..." class="form-control search-input" data-table="main_net_table"/>
+</center>
+<table class="table table-striped mt32 main_net_table">
+    <thead>
+        <tr>
+            <th>Windows Device</th>
+            <th>Operating System</th>
+            <th>Operating System Kernel Version</th>
+        </tr>
+    </thead>
+    <tbody>
+{% for windows_host in groups['tag_Windows']|sort %}
+        <tr>
+            <td class="summary_info">
+              <div id="hostname">
+                <p class="hostname"> 
+                  <img class="router_image" src="server.png"> {{ hostvars[windows_host]['inventory_hostname'].split('.')[0] }}</p>
+                </div>
+{% if detailedreport == 'True' %}
+{% include 'packages.j2' %}
+{% include 'services.j2' %}
+{% endif %}
+</td>
+            <td>{{hostvars[windows_host]['ansible_os_family']|default("none")}}</td>
+            <td>{{hostvars[windows_host]['ansible_distribution']|default("none")}}</td>
+        </tr>
+{% endfor %}
+    </tbody>
+</table>
+<center><p>Created with</p><br><img src="webpage_logo.png" width="300">
+</center>
+</section>
+</div>
+</body>
+</html>
--- a/collections/ansible_collections/demo/patching/roles/build_report_windows/templates/services.j2
+++ b/collections/ansible_collections/demo/patching/roles/build_report_windows/templates/services.j2
@@ -0,0 +1,29 @@
+<!–– INTERNAL TABLE FOR SERVICES --!>
+<div id="accordion">
+<div class="ui-accordion ui-widget ui-helper-reset" role="tablist">
+<h3 class="ui-accordion-header ui-corner-top ui-state-default ui-accordion-icons ui-accordion-header-collapsed ui-corner-all" role="tab" id="ui-id-3" aria-controls="ui-id-4" aria-selected="false" aria-expanded="false" tabindex="0">Services Facts</h3>
+<div class="net_content ui-accordion-content ui-corner-bottom ui-helper-reset ui-widget-content" id="ui-id-4" aria-labelledby="ui-id-3" role="tabpanel" aria-hidden="true" style="display: none; height: 194px;">
+<table id="subtable" class="sortable">
+    <thead>
+        <tr>
+            <th>Display Name</th>
+            <th>Windows Services Name</th>
+            <th>State</th>
+        </tr>
+    </thead>
+    <tbody>
+    {% if hostvars[windows_host]['services'] is defined %}
+    {% for service in hostvars[windows_host]['services'] %}
+        <tr>
+            <td>{{service['name']}}</td>
+            <td>{{service['win_svc_name']}}</td>
+            <td>{{service['state']}}</td>
+        </tr>
+    {% endfor %}
+    {% endif %}
+    </tbody>
+</table>
+</div>
+</div>
+</div>
+<!–– END INTERNAL TABLE FOR SERVICES --!>
--- a/collections/ansible_collections/demo/patching/roles/build_report_windows/vars/main.yml
+++ b/collections/ansible_collections/demo/patching/roles/build_report_windows/vars/main.yml
@@ -0,0 +1 @@
+file_path: /var/www/html
--- a/collections/ansible_collections/demo/patching/roles/build_report_windows_patch/README.md
+++ b/collections/ansible_collections/demo/patching/roles/build_report_windows_patch/README.md
@@ -0,0 +1,36 @@
+build_report_windows_patch
+========
+
+Installs Apache and creates a report based on facts from Windows update job
+
+Requirements
+------------
+
+Must run on Apache server
+
+Role Variables / Configuration
+--------------
+
+N/A
+
+Dependencies
+------------
+
+N/A
+
+Example Playbook
+----------------
+
+The role can be used to create an html patching report on any number of Linux hosts using any number of Windows servers
+
+
+```
+---
+- hosts: all
+
+  tasks:
+  - name: Run Windows Patch Report
+    import_role:
+      name: shadowman.reports.build_report_windows_patch
+      
+```
--- a/collections/ansible_collections/demo/patching/roles/build_report_windows_patch/defaults/main.yml
+++ b/collections/ansible_collections/demo/patching/roles/build_report_windows_patch/defaults/main.yml
@@ -0,0 +1,3 @@
+email_from: tower@shadowman.dev
+to_emails: alex@shadowman.dev,tower@shadowman.dev
+to_emails_list: "{{ to_emails.split(',') }}"
--- a/collections/ansible_collections/demo/patching/roles/build_report_windows_patch/example_results/Full_Report.png
+++ b/collections/ansible_collections/demo/patching/roles/build_report_windows_patch/example_results/Full_Report.png
--- a/collections/ansible_collections/demo/patching/roles/build_report_windows_patch/files/css/main.css
+++ b/collections/ansible_collections/demo/patching/roles/build_report_windows_patch/files/css/main.css
@@ -0,0 +1,111 @@
+p.hostname {
+    color: #000000;
+    font-weight: bolder;
+    font-size: large;
+  }
+  
+  #subtable {
+    background: #ebebeb;
+    margin: 0px;
+  }
+  
+  #subtable tbody tr td {
+    padding: 5px 5px 5px 5px;
+  }
+  
+  #subtable thead th {
+    padding: 5px;
+  }
+  
+  * {
+    -moz-box-sizing: border-box;
+    -webkit-box-sizing: border-box;
+    box-sizing: border-box;
+    font-family: "Open Sans", "Helvetica";
+  
+  }
+  
+  a {
+    color: #ffffff;
+  }
+  
+  p {
+    color: #ffffff;
+  }
+  h1 {
+    text-align: center;
+    color: #ffffff;
+  }
+  
+  body {
+    background:#353a40;
+  }
+  
+  table {
+    border-collapse: separate;
+    background:#fff;
+    @include border-radius(5px);
+    margin:50px auto;
+    @include box-shadow(0px 0px 5px rgba(0,0,0,0.3));
+  }
+  
+  thead {
+    @include border-radius(5px);
+  }
+  
+  thead th {
+    font-family: 'Patua One', monospace;
+    font-size:16px;
+    font-weight:400;
+    color:#fff;
+    @include text-shadow(1px 1px 0px rgba(0,0,0,0.5));
+    text-align:left;
+    padding:20px;
+    border-top:1px solid #858d99;
+    background: #353a40;
+  
+    &:first-child {
+     @include border-top-left-radius(5px);
+    }
+  
+    &:last-child {
+      @include border-top-right-radius(5px);
+    }
+  }
+  
+  tbody tr td {
+    font-family: 'Open Sans', sans-serif;
+    font-weight:400;
+    color:#5f6062;
+    font-size:13px;
+    padding:20px 20px 20px 20px;
+    border-bottom:1px solid #e0e0e0;
+  
+  }
+  
+  tbody tr:nth-child(2n) {
+    background:#f0f3f5;
+  }
+  
+  tbody tr:last-child td {
+    border-bottom:none;
+    &:first-child {
+      @include border-bottom-left-radius(5px);
+    }
+    &:last-child {
+      @include border-bottom-right-radius(5px);
+    }
+  }
+  
+  span.highlight {
+      background-color: yellow;
+  }
+  
+  .expandclass {
+    color: #5f6062;
+  }
+  
+  .content{
+           display:none;
+           margin: 10px;
+  }
--- a/collections/ansible_collections/demo/patching/roles/build_report_windows_patch/files/webpage_logo.png
+++ b/collections/ansible_collections/demo/patching/roles/build_report_windows_patch/files/webpage_logo.png
--- a/collections/ansible_collections/demo/patching/roles/build_report_windows_patch/tasks/main.yml
+++ b/collections/ansible_collections/demo/patching/roles/build_report_windows_patch/tasks/main.yml
@@ -0,0 +1,26 @@
+- name: Create HTML report
+  ansible.builtin.template:
+    src: report.j2
+    dest: "{{ file_path }}/windowspatch.html"
+    mode: "0644"
+  check_mode: false
+
+- name: Copy CSS over
+  ansible.builtin.copy:
+    src: "css"
+    dest: "{{ file_path }}"
+    directory_mode: true
+    mode: "0775"
+  check_mode: false
+
+- name: Copy logo over
+  ansible.builtin.copy:
+    src: "webpage_logo.png"
+    dest: "{{ file_path }}"
+    directory_mode: true
+    mode: "0644"
+  check_mode: false
+
+- name: Display link to Patch report
+  ansible.builtin.debug:
+    msg: "Please go to http://{{ ansible_host }}/windowspatch.html"
--- a/collections/ansible_collections/demo/patching/roles/build_report_windows_patch/templates/report.j2
+++ b/collections/ansible_collections/demo/patching/roles/build_report_windows_patch/templates/report.j2
@@ -0,0 +1,115 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title> Windows Patch Report </title>
+</head>
+<body>
+<center>
+<h1>Ansible Windows Patching Report</h1>
+<style>
+@media print {
+   .noprint {
+        display: none !important;
+    }
+}
+</style>
+<div class="noprint">
+<button type="button" onclick="tableToCSV()">Download CSV</button>
+<input type="button" value="Print" onClick="window.print()">
+</div>
+</center>
+<table border = "1" cellpadding = "5" cellspacing = "5">
+    <thead>
+        <tr>
+            <th>Hostname</th>
+            <th>Operating System</th>
+            <th>Required Updates</th>
+        </tr>
+    </thead>
+    <tbody>
+{% for windows_host in groups['tag_Windows']|sort %}
+        <tr>
+            <td>{{hostvars[windows_host]['inventory_hostname']}}</td>
+            <td>{{hostvars[windows_host]['ansible_distribution']|default("none")}}</td>
+            <td>
+              <ul>
+
+{% if hostvars[windows_host].patchresult.updates is defined and hostvars[windows_host].patchresult.found_update_count|int > 0  %}
+{% for update in hostvars[windows_host].patchresult.updates %}
+{% set updatenum = hostvars[windows_host].patchresult.updates[update] %}
+            <li>{{updatenum.title}}</li>
+{% endfor %}
+{% else %}
+            <li>Compliant</li>
+{% endif %}
+            </ul>
+            </td>
+
+        </tr>
+{% endfor %}
+    </tbody>
+</table>
+{% for host in ansible_play_hosts %}
+<center><p>Created with Ansible on {{hostvars[host].ansible_date_time.iso8601}}</p></center>
+{% endfor %}
+<script type="text/javascript">
+function tableToCSV() {
+
+    // Variable to store the final csv data
+    var csv_data = [];
+
+    // Get each row data
+    var rows = document.getElementsByTagName('tr');
+    for (var i = 0; i < rows.length; i++) {
+
+        // Get each column data
+        var cols = rows[i].querySelectorAll('td,th');
+
+        // Stores each csv row data
+        var csvrow = [];
+        for (var j = 0; j < (cols.length); j++) {
+
+            // Get the text data of each cell of
+            // a row and push it to csvrow
+            if ( j == cols.length-1 && i==0){}
+            else{
+            csvrow.push(cols[j].textContent.replace(/,/g, " "));
+            }
+
+       }
+       csv_data.push(csvrow.join(","));
+}
+
+    // combine each row data with new line character
+    csv_data = csv_data.join('\n');
+
+    // Call this function to download csv file
+    downloadCSVFile(csv_data);
+}
+function downloadCSVFile(csv_data) {
+
+    // Create CSV file object and feed our
+    // csv_data into it
+    CSVFile = new Blob([csv_data], { type: "text/csv" });
+
+    // Create to temporary link to initiate
+    // download process
+    var temp_link = document.createElement('a');
+    var todayDate = new Date().toISOString().slice(0, 10);
+
+    // Download csv file
+    temp_link.download = "windowspatching-" + todayDate + ".csv";
+    var url = window.URL.createObjectURL(CSVFile);
+    temp_link.href = url;
+
+    // This link should not be displayed
+    temp_link.style.display = "none";
+    document.body.appendChild(temp_link);
+
+    // Automatically click the link to trigger download
+    temp_link.click();
+    document.body.removeChild(temp_link);
+}
+</script>
+</body>
+</html>
--- a/collections/ansible_collections/demo/patching/roles/build_report_windows_patch/vars/main.yml
+++ b/collections/ansible_collections/demo/patching/roles/build_report_windows_patch/vars/main.yml
@@ -0,0 +1 @@
+file_path: /var/www/html
--- a/collections/ansible_collections/demo/patching/roles/patch_linux/defaults/main.yml
+++ b/collections/ansible_collections/demo/patching/roles/patch_linux/defaults/main.yml
@@ -0,0 +1,7 @@
+---
+exclude_packages:
+  - authselect
+  - authselect-compat
+  - authselect-libs
+  - fprintd-pam
+allow_reboot: true
--- a/Show More
+++ b/Show More