I am running this in my task file (tried shell, command, and raw). Any
idea why and how to work around the issue?:
- name: Check number of AVCs
ansible.builtin.raw: "aureport | grep -i avc"
register: avcreport
- debug:
var: avcreport
It returns a report with all zero values, but if I run this directly on a
server I get non-zero values. Can't seem to figure out why:
"aureport_output.stdout_lines": [
"",
"Summary Report",
"======================",
"Range of time in logs: 01/01/1970 00:00:00.000 - 01/01/1970
00:00:00.000",
"Selected time for report: 01/01/1970 00:00:00 - 01/01/1970
00:00:00.000",
"Number of changes in configuration: 0",
"Number of changes to accounts, groups, or roles: 0",
"Number of logins: 0",
"Number of failed logins: 0",
"Number of authentications: 0",
"Number of failed authentications: 0",
"Number of users: 0",
"Number of terminals: 0",
"Number of host names: 0",
"Number of executables: 0",
"Number of commands: 0",
"Number of files: 0",
"Number of AVC's: 0",
"Number of MAC events: 0",
"Number of failed syscalls: 0",
"Number of anomaly events: 0",
"Number of responses to anomaly events: 0",
"Number of crypto events: 0",
"Number of integrity events: 0",
"Number of virt events: 0",
"Number of keys: 0",
"Number of process IDs: 0",
"Number of events: 0"
*Directly on the server I get this:*
Summary Report
======================
Range of time in logs: 05/08/2024 02:48:03.967 - 05/08/2024 22:10:09.990
Selected time for report: 05/08/2024 02:48:03 - 05/08/2024 22:10:09.990
Number of changes in configuration: 0
Number of changes to accounts, groups, or roles: 0
Number of logins: 15
Number of failed logins: 705
Number of authentications: 3
Number of failed authentications: 0
Number of users: 3
Number of terminals: 6
Number of host names: 5
Number of executables: 21
Number of commands: 31
Number of files: 1401
Number of AVC's: 15184
Number of MAC events: 1124
Number of failed syscalls: 544
Number of anomaly events: 0
Number of responses to anomaly events: 0
Number of crypto events: 4990
Number of integrity events: 0
Number of virt events: 0
Number of keys: 0
Number of process IDs: 10864
Number of events: 70010
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/1d4727fa-01e6-4179-9e59-6bc17b49ca8fn%40googlegroups.com.
