[CentOS] Configuration Compliance auditing for many CentOS 5.x boxes

Thu Feb 2 00:26:09 UTC 2012
Les Mikesell <lesmikesell at gmail.com>

On Wed, Feb 1, 2012 at 6:04 PM, Kwan Lowe <kwan.lowe at gmail.com> wrote:
> For the basic package setup, Spacewalk or Satellite can track the versions
> and allow you to lock the package set. There are also existing scripts that
> wrap variations of an 'rpm -qVa' and send the reports back.

Ocsinventory-ng will send a hardware and software inventory to a
central server daily - with agents for both Linux and windows.  It
will pick up the installed rpms but you'd have to extend it to look
for local config changes.

> For the configurations, we are experimenting with cfengine and puppet. They
> allow you to track configuration changes, reset changes, etc..

Is anyone looking at salt instead of puppet yet?  http://saltstack.org/

   Les Mikesell
     lesmikesell at gmail.com