How do I unsubscribe from this list?
Jonathan Bayer Manager, Technical Operations ACHIEVE3000 1985 Cedar Bridge Ave, Ste 3 Lakewood, NJ 08701 office: 732.367.5505 x172 fax: 732.367.2313 www.Achieve3000.com<http://www.achieve3000.com/> The Leader In Differentiated Instruction From: [email protected] [mailto:[email protected]] On Behalf Of Atom Powers Sent: Friday, July 10, 2015 10:43 AM To: Alan Robertson Cc: Assimilation Project Subject: Re: [Assimilation] Best Practices as code - progress report! On Thu, Jul 9, 2015 at 6:05 PM, Alan Robertson <[email protected]<mailto:[email protected]>> wrote: Thanks for your reply. It gets kinda lonely when I write things and no one replies ;-) I'm a fan. I plan on publishing an implementation as part of the Assimilation Project. But because of our architecture, it's unlikely to be directly useful to others. The description of the test is in the JSON. I didn't see any test descriptions in the project repo. I'd like to help make it easy(er) to create other implementations. I'm in an environment where every deployment is a small set of well defined systems and it will be some time before I'm ready to introduce new tools to this environment. Although with this feature and if the Nagios agent support works the way I hope it does then I may be able to build a case for Assimilation sooner. As far as what other people do, that's up to them. In some cases (like Lynis) they already have their own implementation of some rules. An implementation that would be suitable for them would not fit our architecture and vice versa. This is why I asked about extending the JSON to include commands and expected results in a portable fashion. Using the rule below as an example, the portable JSON might look something like this (but probably not exactly this): 'rule': { 'osfamily': { 'any': { 'command': 'sysctl', 'parameter': 'net.core.default_qdisk', 'compare': 'is', 'value': ['fq_codel','codel'] }, } } Which would extend the JSON here https://github.com/IT-bestpractices/root/blob/master/rules/os.app/networking.domain/posix.class/linux.os/itbp-00001 This way anybody who wanted to implement the rules could write a tool to parse the JSON and implement that rule in whatever language or framework was most acceptable in their environment. The rules don't have to be security rules. For example, here's a rule which detects buffer bloat: 'BPC-000014-1': {'rule': 'IN($net.core.default_qdisc, fq_codel, codel)', 'id': 'BPC-00014-1', 'url': 'https://trello.com/c/EwPF4S9z' }, -- Perfection is just a word I use occasionally with mustard. --Atom Powers--
_______________________________________________ Assimilation mailing list - Discovery-Driven Monitoring [email protected] http://lists.community.tummy.com/cgi-bin/mailman/listinfo/assimilation http://assimmon.org/
