If you are still looking for an audit/compliance solution, check out
www.metaforsoftware.com. We can track daily changes on your servers and
send alerts when we find diffs from one day to the next. Can also do large
scale diffs across servers in a cluster. We're in free beta and also
working
Any thoughts guys...
On Wednesday, January 2, 2013 11:05:41 AM UTC-5, pdiddy wrote:
>
> When I build the server I make sure it meets all the compliance
> requirements (ex: PermitRootLogin, login banner). However, I would like to
> double check those compliance requirements on daily basis through
When I build the server I make sure it meets all the compliance
requirements (ex: PermitRootLogin, login banner). However, I would like to
double check those compliance requirements on daily basis through Puppet
(in case someone has changed them). This is an audit requirement.
I was able to wri
Thanks everyone, I will look into these options...I will write back in few
days...
On Friday, December 28, 2012 7:36:31 AM UTC-5, Keiran Sweet wrote:
>
> Hi,
> Although I've never used it, this does sound like a task for the auditing
> functionality that was added into Puppet 2.6.
> Some informa
Hi,
Although I've never used it, this does sound like a task for the auditing
functionality that was added into Puppet 2.6.
Some information about it can be found here:
http://puppetlabs.com/blog/all-about-auditing-with-puppet/
You may also find the Puppet enterprise documentation on audit and
Yes, you can do what you want if you already have a puppet master
(server) in your puppet environment, but you may need configure or
install some add-ons.
All puppet installations include a tool called "facter". Facter gathers
various facts or data about your systems. The system can be configu
I suppose so, but I haven't ever worked with puppet reporting. My questions
about the business issue behind this request are more along the lines of what
his management wants the information for. There are a number of corollary
questions that come up, including but not limited to:
-Why are you
Hi,
Couldn't he run --noop as a scanner for hosts out of compliance and then when
one is found, run normal puppet run (obviously you don't have to run in noop
and just run normal runs and monitor reports).
That way management can see that non compliant host are being made compliant (
a much mo
Metaphorically, your management is asking you to drive nails with a
screwdriver. The right tool for the job here is facter, not puppet. (And puppet
already uses facter, so your management apparently doesn't understand the stack
here.) While this is ultimately their problem, it sounds like you ha
Understood, but is it possible to get it done via puppet? I've management
requirement.
On Thursday, December 27, 2012 2:52:31 PM UTC-5, Christopher Wood wrote:
>
> You might be better off putting together a custom fact about this. Then
> you can check fact(s) on the host(s) without trying to
>
You might be better off putting together a custom fact about this. Then you can
check fact(s) on the host(s) without trying to manage-but-not-manage something
inside puppet.
On Thu, Dec 27, 2012 at 11:15:14AM -0800, pdiddy wrote:
>How do I check content of a file in puppet?
>ex: I want t
How do I check content of a file in puppet?
ex: I want to see if "PermitRootLogin" is "no" in /etc/ssh/sshd_config file
(RHEL). If it's "yes" i want to show it on compliance report. For now I
don't want make any changes to the sshd_config file through puppet.
Here is something I have:
define li
12 matches
Mail list logo
