Réf. : Pulling files from all hosts to one host.

[paguerlais]

Here are some ideas to deal with your problem :
- use a secured tunnel (VPN, IPSec, ...) between your clients and your
central log server
- use SSH to copy your files. A simple shell script can do the job.
- try to send your logs through syslog and get them with syslog-ng. The
transport must of course be done in a secured tunnel (VPN, IPSec, ...).

Patrice





help-cfengine-bounces+paguerlais=airfrance.fr@gnu.org@rimspace.net> le
25/07/2003 02:00:22

Envoyé par :      Daniel Pittman <daniel@rimspace.net>


Pour : help-cfengine@gnu.org
cc :

Objet :     Pulling files from all hosts to one host.


One of the things I want to achieve in my infrastructure is to have a
central host where log reports are gathered from the rest of the
machines.

Now, I can't afford to have these reports tampered with in flight, and I
can't afford to reveal the content of the reports in transit. Worse, I
need to ensure that as much as possible can be recovered from them if
they are tampered with...


So, since I already have this nice, big web of trust with cfengine
handing around I wanted to use that to pull the reports from the client
machines.

My first through was to iterate over a list of all hosts in a copy
command, but that can't be done; copy doesn't iterate.

After a bunch of reading and thinking, the best I can come up with is to
write a shell script that gets called with iteration, and to have that
script invoke cfengine with a custom-generated config file from that.


Can anyone suggest a better way of doing this?  I would rather avoid
introducing another trust layer if I can avoid it, since that's a real
PITA to manage.

     Daniel

--
Nothing is more beautiful than the loveliness of the woods before sunrise.
        -- George Washington Carver


_______________________________________________
Help-cfengine mailing list
Help-cfengine@gnu.org
 http://mail.gnu.org/mailman/listinfo/help-cfengine