Add profiles and parameters

After you create a Slang project or import an existing project, you can add profiles and parameters to give users options when scanning content.

Before you begin

• Install Slang Authoring Toolkit
• Create a Slang project
• Test the project
• Export Slang to SCAP as XML

Steps

1. Create a profile.
2. Update a profile to use a parameter.
3. Add Slang parameters to a rule.

Step 1: Create a profile

Profiles determine which rules apply to a project scan. Profiles must be located in the project folder alongside the project.slang file. The file name must start with profile. and end with .slang.

1. In Visual Studio Code (VS Code), select File > Open Folder and navigate to the project folder.

2. Right-click project.slang and select New File to create a file.

3. Name the file profile.<profile_name>.slang and save it to the project folder.

4. In the profile file, add this content:

    Profile:
       title: <profile_name>
       description: <profile_description>

5. To set which rules apply to the profile, add addional lines for options such as select_all_rules_except or select rules and any applicable values.

   For example:

    select_all_rules_except: 
       - local_admin_disabled.slang

6. Save the profile file.

7. Run this command to export your Slang project including the added profiles:

   slang export <project_name> <project_name>.xml

   Note: For Windows 10 devices, run slang export <project_name> <project_name>.xml --scan_config <config_name> --profile profile.general_use.slang to export and test your project. The results must have the local_admin_disabled rule marked NOT SELECTED.

Step 2: Update a profile to use a parameter

In addition to selecting rules, profiles can update parameter values.

1. In the profile file, add a set_values option and applicable values.

   For example:

   Profile:
       title: General Use
       description: This profile selects rules applicable to general use 
       systems select_all_rules_except:
          - local_admin_disabled.slang
       set_values:
          - min_password_param: 12

   The General Use profile now requires a password of 12 characters in length.

2. Save the profile file.

Step 3: Add Slang parameters to a rule

With Slang parameters, you can customize rules for a profile.

1. Open the rule file.

2. Add a parameters option and applicable values.

   For example:

   parameters: 
      min_password_param:
         title: Minimum required password length
         value: 8  

   Complete example:

    Rule:
   title: Password Policies
   description: Password policies for <project_name>.
   checks: 
      - ALL:
         - windows.account.lockout_policy:
            threshold: 5
            duration: 5 minutes 
            observation_window: 1 hour 
         - windows.account.password_policy:
            allow_reversible_encryption: true
            maximum_password_age: 30
            days minimum_passwords_remembered: 100
            require_password_complexity: true
            minimum_password_length: 0
   parameters: 
      min_password_param:
         title: Minimum required password length
         value: 8  

3. Save the rule file.

Next steps

• Create Script-Based Checks.

See also

• Slang Authoring Toolkit Quickstart Tutorial
• Test a Slang Project
• Import and Update SCAP (XML)