Hi, Although I've never used it, this does sound like a task for the auditing functionality that was added into Puppet 2.6. Some information about it can be found here: http://puppetlabs.com/blog/all-about-auditing-with-puppet/
You may also find the Puppet enterprise documentation on audit and compliance of some use, as it uses the audit metaparams to achieve this functionality. http://docs.puppetlabs.com/pe/2.7/compliance_basics.html >From what I understand, you can build your own auditing/reporting/compliance tool using your existing puppet framework and a modified report processor that fits your needs. Hope this helps. K On Thursday, December 27, 2012 10:27:53 PM UTC, Jason Edgecombe wrote: > > Yes, you can do what you want if you already have a puppet master > (server) in your puppet environment, but you may need configure or > install some add-ons. > > All puppet installations include a tool called "facter". Facter gathers > various facts or data about your systems. The system can be configured > to sent this data back to the puppet server. Various puppet add-ons > offer the ability to create reports based on the data that was sent back > to the server. For you needs, you will likely need to write a custom fact. > > Here are some links that might be helpful: > > Info on facter: > http://puppetlabs.com/blog/facter-part-1-facter-101/ > > How to do custom facts: > http://docs.puppetlabs.com/guides/custom_facts.html > > Puppet reporting: > http://docs.puppetlabs.com/guides/reporting.html > > If you don't use a puppet server, then I think there are other options > for gathering the reporting data. > > Sincerely, > Jason > > > P.S. My apologies to other posters, but I didn't see a clear answer to > the question. > > On 12/27/2012 03:01 PM, pdiddy wrote: > > Understood, but is it possible to get it done via puppet? I've > management > > requirement. > > > > On Thursday, December 27, 2012 2:52:31 PM UTC-5, Christopher Wood wrote: > >> You might be better off putting together a custom fact about this. Then > >> you can check fact(s) on the host(s) without trying to > >> manage-but-not-manage something inside puppet. > >> > >> On Thu, Dec 27, 2012 at 11:15:14AM -0800, pdiddy wrote: > >>> How do I check content of a file in puppet? > >>> ex: I want to see if "PermitRootLogin" is "no" > >> in /etc/ssh/sshd_config > >>> file (RHEL). If it's "yes" i want to show it on compliance report. > >> For now > >>> I don't want make any changes to the sshd_config file through > puppet. > >>> Here is something I have: > >>> define line($file, $line, $ensure = 'present') { > >>> $line = "PermitRootLogin no" > >>> $file = "/etc/ssh/sshd_config" > >>> case $ensure { > >>> default : { err ( "unknown ensure value ${ensure}" ) } > >>> present: { > >>> warning/flag code: > >>> unless => "/bin/grep '${line}' '${file}'" > >>> } > >>> } > >>> } > >>> > >>> -- > >>> You received this message because you are subscribed to the Google > >> Groups > >>> "Puppet Users" group. > >>> To view this discussion on the web visit > >>> [1]https://groups.google.com/d/msg/puppet-users/-/M8gmxMKkp58J. > >>> To post to this group, send email to > >>> puppet...@googlegroups.com<javascript:>. > > >>> To unsubscribe from this group, send email to > >>> puppet-users...@googlegroups.com <javascript:>. > >>> For more options, visit this group at > >>> http://groups.google.com/group/puppet-users?hl=en. > >>> > >>> References > >>> > >>> Visible links > >>> 1. https://groups.google.com/d/msg/puppet-users/-/M8gmxMKkp58J > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/0pbXzEuApHIJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
