Table of Contents
System Information Examples
Table of Contents
- Change detection
- Hashing for change detection (tripwire)
- Check filesystem space
- Class match example
- Global classes
- Logging
- Check filesystem space
Change detection
body common control
{
bundlesequence => { "testbundle" };
inputs => { "cfengine_stdlib.cf" };
}
bundle agent testbundle
{
files:
"/usr"
changes => detect_all_change,
depth_search => recurse("inf"),
action => background;
}
Hashing for change detection (tripwire)
Change detection is a powerful and easy way to monitor your environment, increase awareness and harden your system against security breaches.
body common control
{
bundlesequence => { "testbundle" };
inputs => { "$(sys.libdir)/stdlib.cf" };
}
bundle agent testbundle
{
files:
"/home/mark/tmp/web" -> "me"
changes => detect_all_change,
depth_search => recurse("inf");
}
Check filesystem space
body common control
{
bundlesequence => { "example" };
}
bundle agent example
{
vars:
"free" int => diskfree("/tmp");
reports:
"Freedisk $(free)";
}
Class match example
body common control
{
bundlesequence => { "example" };
}
bundle agent example
{
classes:
"do_it" and => { classmatch(".*_3"), "linux" };
reports:
do_it::
"Host matches pattern";
}
Global classes
body common control
{
bundlesequence => { "g","tryclasses_1", "tryclasses_2" };
}
bundle common g
{
classes:
"one" expression => "any";
"client_network" expression => iprange("128.39.89.0/24");
}
bundle agent tryclasses_1
{
classes:
"two" expression => "any";
}
bundle agent tryclasses_2
{
classes:
"three" expression => "any";
reports:
one.three.!two::
"Success";
}
body common control
{
bundlesequence => { "g","tryclasses_1", "tryclasses_2" };
}
bundle common g
{
classes:
"one" expression => "any";
"client_network" expression => iprange("128.39.89.0/24");
}
bundle agent tryclasses_1
{
classes:
"two" expression => "any";
}
bundle agent tryclasses_2
{
classes:
"three" expression => "any";
reports:
one.three.!two::
"Success";
}
Logging
body common control
{
bundlesequence => { "test" };
}
bundle agent test
{
vars:
"software" slist => { "/root/xyz", "/tmp/xyz" };
files:
"$(software)"
create => "true",
action => logme("$(software)");
}
body action logme(x)
{
log_kept => "/tmp/private_keptlog.log";
log_failed => "/tmp/private_faillog.log";
log_repaired => "/tmp/private_replog.log";
log_string => "$(sys.date) $(x) promise status";
}
body common control
{
bundlesequence => { "one" };
}
bundle agent one
{
files:
"/tmp/xyz"
create => "true",
action => log;
}
body action log
{
log_level => "inform";
}