[CentOS] Configuration Compliance auditing for many CentOS 5.x boxes
Ross Walker
rswwalker at gmail.com
Wed Feb 1 23:22:13 UTC 2012
On Feb 1, 2012, at 2:54 PM, Tom H <tom at limepepper.co.uk> wrote:
> Hi CentOS experts,*
>
> Short Version*
>
> I would like to produce a weekly report in HTML for each CentOS 5.x
> server we have indicating configuration compliance with some industry
> benchmark. I am looking for a tool or tools to implement this, I am
> happy to use 3rd party proprietary stuff if necessary.
> *
You could have a weekly cron job on all boxes that does a rpm for all package config files, diff against a "snapshot" copy contained under /var somewhere, email those diffs to a change management system,then save the current files in the snapshot directory.
First run will send the complete configs, all subsequent runs will send the diffs.
Of course you need a change management system that will hold an inventory of systems, those systems' hardware/software inventories and configurations, and track those changes with alerts and reports and such.
I don't know of a good system for doing all that unfortunately, but if you do find one let me know.
-Ross
More information about the CentOS
mailing list