Change detection

code
body common control
{
      bundlesequence  => { "testbundle"  };
      inputs => { "cfengine_stdlib.cf" };
}

bundle agent testbundle
{
  files:
      "/usr"
      changes      => detect_all_change,
      depth_search => recurse("inf"),
      action       => background;
}

Hashing for change detection (tripwire)

Change detection is a powerful and easy way to monitor your environment, increase awareness and harden your system against security breaches.

code
body common control
{
      bundlesequence  => { "testbundle"  };
      inputs => { "$(sys.libdir)/stdlib.cf" };
}

bundle agent testbundle
{
  files:
      "/home/mark/tmp/web" -> "me"
      changes      => detect_all_change,
      depth_search => recurse("inf");
}

Check filesystem space

code
body common control
{
      bundlesequence  => { "example" };
}

bundle agent example
{
  vars:
      "free" int => diskfree("/tmp");

  reports:
      "Freedisk $(free)";
}

Class match example

code
body common control
{
      bundlesequence  => { "example" };
}

bundle agent example
{
  classes:
      "do_it" and => { classmatch(".*_3"), "linux" };

  reports:
    do_it::
      "Host matches pattern";
}

Global classes

code
body common control
{
      bundlesequence => { "g","tryclasses_1", "tryclasses_2" };
}

bundle common g
{
  classes:
      "one" expression => "any";
      "client_network" expression => iprange("128.39.89.0/24");
}

bundle agent tryclasses_1
{
  classes:
      "two" expression => "any";
}

bundle agent tryclasses_2
{
  classes:
      "three" expression => "any";
  reports:
    one.three.!two::
      "Success";
}

body common control
{
      bundlesequence => { "g","tryclasses_1", "tryclasses_2" };
}

bundle common g
{
  classes:
      "one" expression => "any";
      "client_network" expression => iprange("128.39.89.0/24");
}

bundle agent tryclasses_1
{
  classes:
      "two" expression => "any";
}

bundle agent tryclasses_2
{
  classes:
      "three" expression => "any";
  reports:
    one.three.!two::
      "Success";
}

Logging

code
body common control
{
      bundlesequence => { "test" };
}

bundle agent test
{
  vars:

      "software" slist => { "/root/xyz", "/tmp/xyz" };

  files:

      "$(software)"

      create => "true",
      action => logme("$(software)");

}

body action logme(x)
{
      log_kept => "/tmp/private_keptlog.log";
      log_failed => "/tmp/private_faillog.log";
      log_repaired => "/tmp/private_replog.log";
      log_string => "$(sys.date) $(x) promise status";
}

body common control
{
      bundlesequence => { "one" };
}

bundle agent one
{
  files:

      "/tmp/xyz"

      create => "true",
      action => log;

}

body action log
{
      log_level => "inform";
}