[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
cfengine audit scripts
From: |
David J. Bianco |
Subject: |
cfengine audit scripts |
Date: |
14 Apr 2003 08:37:29 -0400 |
I recently posted regarding some scripts I use to audit the machines
which are supposed to be running cfengine. Specifically, cfengine
provides no negative feedback, in the sense that if I configure cfengine
on a machine, and it later stops running, I get no notification. This
can happen fairly often, either when the cfengine processes die or when
the OS is reinstalled. Since I wanted to know when cfengine wasn't
running properly, I wrote a couple of scripts to help me out. In
response to a few requests I got, I'm attaching them to this email.
On my cfengine master server, I run them from cron, like this:
# Automatically rebuild the list of the cfengine clients each night.
# This is based on the public keys cfengine has registered for it's
# clients.
# This only needs to run on the master.
16 3 * * * /local/cfengine/bin/mkcfrunhosts | /bin/sort >
/local/cfengine/etc/cfrun.hosts
#
# Check the list of all cfengine hosts (generated above) to see which
# ones are up and responding to cfservd requests. Mail a report to the
# cfengine alias summarizing the down hosts.
23 4 * * 5 /local/cfengine/bin/cfaudit
Notice that mkcfrunhosts generates a list of hosts that *should* be
running cfengine, based on the keys in the server's ppkeys directory.
Then cfaudit reads this list later, and runs cfrun against each host in
that list. It summarizes only the errors, and mails them to the
administrator's email address (defined in the script). There are a
couple of lines in each script that you'll need to customize for your
site, where I've explicitly included my domain name or an email address.
I've marked them, so search for "Customize" and make the appropriate
changes.
I'm sure there are lots of corrections and enhancements people can
make to these. If you do, please consider sharing them so we can all
benefit.
Thanks,
David
--
David J. Bianco <bianco@jlab.org>
Thomas Jefferson National Accelerator Facility
cfaudit
Description: Text Data
mkcfrunhosts
Description: Text Data
- cfengine audit scripts,
David J. Bianco <=