Limited Time Scan

[isimluk]

Rationale: Along the lines of parallel scanning, it would be nice to a flag that runs a fast scan, one that ignores any probe that takes longer than a couple seconds. The rationale is that as a newbie, I am frequently just testing may commands and understanding of the tool, or seeing if a remediation significantly improved my compliance score and would like to run a rich scan and produce a report but not wait 8 to 12 minutes each time.

Deliverable: libopenscap should be able to kill the probe if the time exceeds a given constant. Note that OVAL standard well supports a scenario when the items were not collected.

This is a big idea.

[matejak]

The goal of the issue would be accomplished more easily by having an explicit example profile in the content. The example profile would contain some easy-to-understand rules that have remediations and that are scanned quickly.

[evgenyz]

Small sample is here (#2876), time-limiting probes seems to me a bit controversial. Can we close this?

[jan-cerny]

I also think that time-limited scan isn't a good idea, because the produced results will be incomplete, full of false positives and false negatives.

I concur that having a small, quick profile that we could use for demonstration purposes would be more beneficial. We could use it for tutorials, videos, conferences. It's a problem on content side. However, the #2876 doesn't add a profile that we could ship everywhere. We should submit the idea again.