Careful, such a `push' approach is unlikely to scale to more than a couple of hundred machines.
FYI, Nova 1.2 (scheduled for October) will take a delta approach to report collection and generation that will scale much better under pull for the full spectrum of reports. M Nicolas Charles wrote: > Hi Justin, > > I considered also this approach, but instead I've set up a webdav server > on a policy_server, and each client sending the reports on this webdav > entry point. Hence the client can send it when he knows it is suitable, > and the promises are much more easy to write > > Nicolas > > Justin Lloyd wrote: >> Hi all, >> >> I'd like to generate a report of all* changes Cfengine makes on systems >> for auditing and awareness purposes. If, for example, the same change is >> being made a lot on a system (e.g. fixing /etc/passwd permissions), then >> we would know something is wrong and could investigate it more deeply. >> >> Cfengine Nova (I don't know about community) logs local promise repairs >> to /var/cfengine/nova_repair.log, which is rotated weekly. Here are a >> couple of example lines: >> >> Thu Jun 3 21:32:21 >> 2010,fix_resolver_configuration_file,fix_resolver_configuration_file,Ens >> ure /etc/resolv.conf file exists and is >> correct,/var/cfengine/inputs/dg.bundles.cf,262 >> Thu Jun 3 21:34:16 >> 2010,_fetch_public_ssh_key,ensure_authorized_ssh_key_exists,Ensure >> user's authorized_keys file contains remote user's public >> key,/var/cfengine/inputs/dg.ssh_keys.cf,98 >> >> I was thinking of having each policy server fetch the nova_repair.log >> from all of its hosts each day prior to rotation and generating a >> summary report that is easily skimmable by humans. However, before I >> start really diving into such an approach, I was wondering if anyone has >> been wanting or doing something similar. >> >> Thanks, >> Justin >> >> *By "all" I would filter out a lot of standard changes, like those done >> by Nova's generate_reports.cf. >> >> > > _______________________________________________ > Help-cfengine mailing list > Help-cfengine@cfengine.org > https://cfengine.org/mailman/listinfo/help-cfengine -- Mark Burgess ------------------------------------------------- Professor of Network and System Administration Oslo University College, Norway Personal Web: http://www.iu.hio.no/~mark Office Telf : +47 22453272 ------------------------------------------------- _______________________________________________ Help-cfengine mailing list Help-cfengine@cfengine.org https://cfengine.org/mailman/listinfo/help-cfengine
