Unfortunately, I very much share Felix's fear in getting swamped by facts.
I mean, there are *thousands* of CVEs.
Good goal though, I'll have to think about this.
Trevor
On Mon, Oct 13, 2014 at 12:41 PM, Garrett Honeycutt <g...@garretthoneycutt.com
> wrote:
> On 10/13/14 8:59 AM, Trevor Vaughan wrote:
> > Would it be possible to side-load this into PuppetDB?
> >
> > For instance, instead of running the full list of checks with every run
> > of puppet, have a cron job (or something) that runs the list and feeds
> > the data directly into PuppetDB for the node.
> >
> > That would take the pressure off of each Puppet run but still make the
> > data available.
> >
> > A nifty MCollective plugin for triggering full runs or targeting
> > specific CVE regexes would be handy for catching things like Shellshock.
> >
> > For skipping facts, why not use a JSON/YAML file?
> >
> > Trevor
> >
>
> Hi Trevor,
>
> Goal is to use facts so vulnerabilities could be determined without
> Puppet while also working with Puppet and its ecosystem - PuppetDB and
> MCollective.
>
> Good idea on skipping facts using structured data. While that is easy on
> the fact side to implement in ruby, it seems easier to implement from
> puppet using either file{} or file_line{} as I want to maintain the
> ability to specify an array of facts to skip through Hiera.
>
> BTW: Could really use help adding code to check for more CVE's :)
>
> Best regards,
> -g
>
> --
> Garrett Honeycutt
> @learnpuppet
> Puppet Training with LearnPuppet.com
> Mobile: +1.206.414.8658
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/puppet-users/543C00CE.1000301%40garretthoneycutt.com
> .
> For more options, visit https://groups.google.com/d/optout.
>
--
Trevor Vaughan
Vice President, Onyx Point, Inc
(410) 541-6699
tvaug...@onyxpoint.com
-- This account not approved for unencrypted proprietary information --
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CANs%2BFoUMETU4nmeAjWEvU7R7N2w8LfadLnRyFtv9YcHPQb-mSg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
