...
A baseline can be created using the web interface if a user has a role that contains the baselines::create permission. Go to menu: Manage -> Baselines -> Create Baselines. There is also a create button on the collection page.
You must enter a (preferably unique) name and then the "Add policy from device" button will be enabled.
Click this button and a modal will appear.
Type in a hostname and click Search to populate the dropdown to enable you to choose a device to extract policies from.
Choose a device from the drop down, a table from the dropdown and a comparison operator.
The comparison operator only really works for software at this stage. Both netstat ports and users work on the principle of it exists so it must match.
Software though compares the package name and version. If you would like the policy to test for SSH "at least" version 1.2.3, click the "Equals or Greater Than" comparison operator. Checking if a name and version match exactly, click the "Equals" operator.
Once you click Submit, the baseline will be created and the policies will be added. You will then be sent to the Edit Baseline screen where you can add further policies from a device if required.
Executing a Baseline Definition
Once you have created your baseline and added some policies, you can execute it against a group of devices. When executing a baseline, bear in mind that baselines will only really provide useful information when the policies are matched to the specific operating system the baseline is executed against. IE - Don't create a baseline and add policies form a Windows Server and expect a group of devices containing Debian computers to match anything!
From the Baseline list page, click on the Execute button. The next screen will enable you to choose a group of devices to execute the baseline on.
...