Thinking about this slightly on a slightly higher-level: If you are implementing organizational processes similar to the Visible Ops recommendations, you might want to think setting up a modeful policy; that is, support Cfengine running in 'change window' mode, and in a validation mode (which would be the default).
Part of the 'change window' mode operation would be to update all tripwire-style databases so that any valid changes made due to promises that need to be kept do not trigger alerts. Then, in validation mode (presumably most of the time), any changes detected would be invalid and reported (you need to maintain either good whitelists or good blacklists for this kind of design to work well and scale). I would also like to point out that there is more to system state than file contents (bits on disk). You also care about the status of services (processes running), and diffs in that space are not captured by file-level change management. On Mon, Nov 30, 2009 at 1:00 PM, Justin Lloyd <jll...@digitalglobe.com> wrote: > Yes. I've been working with Nova since I've been evaluating it following an > in-house proof-of-concept period with Cfengine (the company) and we're > planning on purchasing it. > > -----Original Message----- > From: help-cfengine-boun...@cfengine.org > [mailto:help-cfengine-boun...@cfengine.org] On Behalf Of nwat...@symcor.com > Sent: Thursday, November 26, 2009 8:44 AM > To: help-cfengine@cfengine.org > Subject: RE: Change detection and differentiation > > report_diffs: > > 'This feature is available only in enterprise levels Nova and above.' Do you > have the right version? > > Sincerely, > -- > Neil Watson > 416-673-3465 > > This electronic communication and any attachments may contain confidential > and proprietary > information of DigitalGlobe, Inc. If you are not the intended recipient, or > an agent or employee > responsible for delivering this communication to the intended recipient, or > if you have received > this communication in error, please do not print, copy, retransmit, > disseminate or > otherwise use the information. Please indicate to the sender that you have > received this > communication in error, and delete the copy you received. DigitalGlobe > reserves the > right to monitor any electronic communication sent or received by its > employees, agents > or representatives. > > _______________________________________________ > Help-cfengine mailing list > Help-cfengine@cfengine.org > https://cfengine.org/mailman/listinfo/help-cfengine > _______________________________________________ Help-cfengine mailing list Help-cfengine@cfengine.org https://cfengine.org/mailman/listinfo/help-cfengine
