Hi all,

How can I retrieve a file's most recent checksum as reported by puppet? 
I'm running Puppet 3.1, PuppetDB 1.4, and Foreman 1.2, and have looked 
through the various APIs as well as /var/lib/puppet/ on each node, but 
can't find a specific field for the checksum.  I think it used to be in 
/var/lib/puppet/state/state.yaml, but was removed in recent puppet versions due 
to inconsistencies <http://projects.puppetlabs.com/issues/5301>.  I see 
ways to return a node report, but they don't seem to contain the checksum. 
I suppose just checking that the file was changed via puppet is sufficient 
in saying that this was an expected change, but it would be nice to also 
compare the sum in puppet vs. the file integrity monitor.


In general, I want to have my real-time file integrity monitor check 
against expected puppet changes so I don't receive alerts from 100s of 
servers.  I've seen a little discussion on this topic here and there, but 
would love to see some more light shed on this particular subject.  I 
realize that there is a risk involved with NOT sending an alert because 
"this change was expected per puppet", but this to me is better than 
getting thousands of alerts each day and actually missing something 
important due to info overload.

How do you guys monitor file integrity across many hosts?

I'm using OSSEC syscheck, but still evaluating so I'm open to other tools 
and general thoughts on the subject.

Thanks!
Jason
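
The reconciliation described in this message, sketched as an added example (not part of the original post, and not code from Puppet or OSSEC): a file integrity alert is suppressed only when a Puppet change for the same host and path reports the same new checksum within a short time window. It assumes Puppet-side records carry the log message form `content changed '{md5}<old>' to '{md5}<new>'`; the record layout, the alert fields, the function names, and all hosts, paths and checksums are constructed for illustration.

```python
import re
from datetime import datetime, timedelta

# Assumed form of Puppet's log message when it replaces a managed file's content.
PUPPET_CHANGE = re.compile(
    r"File\[(.+?)\]/content: content changed "
    r"'\{md5\}([0-9a-f]{32})' to '\{md5\}([0-9a-f]{32})'")

def index_puppet_changes(records):
    """Map (host, path) -> [(time, new_md5)] from (time, host, message) records."""
    index = {}
    for ts, host, msg in records:
        m = PUPPET_CHANGE.search(msg)
        if m:
            path, _old, new = m.groups()
            index.setdefault((host, path), []).append(
                (datetime.fromisoformat(ts), new))
    return index

def classify(alert, index, window=timedelta(minutes=10)):
    """Suppress only when host, path, new checksum and time all agree."""
    changes = index.get((alert["host"], alert["path"]), [])
    if not changes:
        return "alert: no puppet change for this file"
    seen = datetime.fromisoformat(alert["time"])
    for when, new_md5 in changes:
        if new_md5 == alert["new_md5"] and abs(seen - when) <= window:
            return "expected"
    return "alert: puppet changed this file, but checksum or time differs"

# Constructed sample data (hosts, paths and checksums are made up).
OLD, NEW, OTHER = "a" * 32, "b" * 32, "c" * 32
PUPPET_RECORDS = [
    ("2013-08-01T10:00:00", "web01",
     f"/Stage[main]/Ntp/File[/etc/ntp.conf]/content: content changed "
     f"'{{md5}}{OLD}' to '{{md5}}{NEW}'"),
]
FIM_ALERTS = [
    {"host": "web01", "path": "/etc/ntp.conf", "time": "2013-08-01T10:00:04", "new_md5": NEW},
    {"host": "web01", "path": "/etc/ntp.conf", "time": "2013-08-01T10:03:00", "new_md5": OTHER},
    {"host": "web01", "path": "/etc/passwd", "time": "2013-08-01T10:00:04", "new_md5": OTHER},
]

def triage(alerts=FIM_ALERTS, records=PUPPET_RECORDS):
    index = index_puppet_changes(records)
    return [classify(a, index) for a in alerts]

if __name__ == "__main__":
    for alert, verdict in zip(FIM_ALERTS, triage()):
        print(alert["host"], alert["path"], "->", verdict)
```

The second sample alert is the case that a "Puppet touched this file" check alone would hide: the file is Puppet-managed, but its content on disk is not what Puppet wrote.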

