cookbook 'auditd', '= 0.1.8', :supermarket
auditd (15) Versions 0.1.8 Follow11
cookbook 'auditd', '= 0.1.8'
knife supermarket install auditd
knife supermarket download auditd
A simple cookbook to install auditd and provided rulesets. Rulesets included in the OS auditd/audit package as examples are based on 4 established standards:
- Controlled Access Protection Profile (CAPP)
- Labeled Security Protection Profile (LSPP)
- National Industrial Security Program Operating Manual (NISPOM)
- Security Technical Implementation Guides
The OS package provides the client side tools for working with the linux kernel audit framework.
Linux : any distribution in theory, but only Ubuntu and RHEL 6 have been tested.
- node['auditd']['ruleset'] - ruleset to use, either "default" (the default if unset) or one of the provided examples
- node['auditd']['backlog'] - backlog size, default is 320 should be larger for busy systems
If you're using one of the default rulesets set the correct attribute based on the ruleset desired, one of:
- "capp" : Controlled Access Protection Profile
- "lspp" : Labeled Security Protection Profile
- "nispom" : National Industrial Security Program Operating Manual (NISPOM)
- "stig" : Security Technical Implementation Guides
- "cis" : Center for Internet Security auditd recommendations
recipe[auditd::rules] in your run list. You can also set
node['auditd']['ruleset'] to the name of a custom rule
template to be used instead of one of the default rules.
If you are using the recipe from a wrapper cookbook, include the
recipe[auditd] to setup the service and use the
auditd_ruleset resource to place your rule template of choice.
If you are not satisfied with any of the provided templates, you can
cookbook attribute in
auditd_ruleset to use your own
set of rules. In this case, do not include
Ideally the auditd_ruleset resource could make use of a data bag search to build the data driven ruleset
Make builtins an array attribute to allow user updates without cookbook release.
This cookbook has no specified dependencies.
CHANGELOG for auditd
This file is used to list changes made in each version of auditd.
- add coc and contributing documents
- update gitignore list for some chef related files
- update supermarket uri
- use correct restart command when under systemd on rhel
- better rule definition support for rhel systems that no longer ship with examples
- add test suite for capp rules
- excluded non-default rulesets for RedHat; they use a version-specific path that I can't find any easy way to determine programatically
- added RedHat support
- Initial release of auditd
Check the Markdown Syntax Guide for help with Markdown.
The Github Flavored Markdown page describes the differences between markdown on github and standard markdown.
Collaborator Number Metric
0.1.8 passed this metric
0.1.8 passed this metric