help-cfengine
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: cfengine audit scripts

From: Yves
Subject: Re: cfengine audit scripts
Date: Mon, 14 Apr 2003 17:42:22 GMT 
Hi David,

thanx for your posting - an interesting solution.
In our environment we have ca. 850 workstations intalled with cfengine. It 
takes hours to get a feedback via cfrun on all machines. So we have an other 
work around. I will post it in the next days.

Gruß Yves

 Y99@gmx.de am 14.04.2003

On 14 Apr 2003 08:37:29 -0400, David J. Bianco wrote:
>I recently posted regarding some scripts I use to audit the machines
>which are supposed to be running cfengine.  Specifically, cfengine
>provides no negative feedback, in the sense that if I configure
>cfengine
>on a machine, and it later stops running, I get no notification.
>This
>can happen fairly often, either when the cfengine processes die or
>when
>the OS is reinstalled.  Since I wanted to know when cfengine wasn't
>running properly, I wrote a couple of scripts to help me out.  In
>response to a few requests I got, I'm attaching them to this email.
>
>On my cfengine master server, I run them from cron, like this:
>
># Automatically rebuild the list of the cfengine clients each night.
># This is based on the public keys cfengine has registered for it's
># clients.
># This only needs to run on the master.
>16 3 * * * /local/cfengine/bin/mkcfrunhosts | /bin/sort >
>/local/cfengine/etc/cfrun.hosts
>#
># Check the list of all cfengine hosts (generated above) to see which
># ones are up and responding to cfservd requests.  Mail a report to
>the
># cfengine alias summarizing the down hosts.
>23 4 * * 5 /local/cfengine/bin/cfaudit
>
>Notice that mkcfrunhosts generates a list of hosts that *should* be
>running cfengine, based on the keys in the server's ppkeys directory.
>Then cfaudit reads this list later, and runs cfrun against each host
>in
>that list.  It summarizes only the errors, and mails them to the
>administrator's email address (defined in the script).  There are a
>couple of lines in each script that you'll need to customize for your
>site, where I've explicitly included my domain name or an email
>address.
>I've marked them, so search for "Customize" and make the appropriate
>changes.
>
>I'm sure there are lots of corrections and enhancements people can
>make to these.  If you do, please consider sharing them so we can all
>benefit.
>
>    Thanks,
>     David
>
reply via email to
[Prev in Thread] Current Thread [Next in Thread]