15 valuable reports

15 most valuable reports with CFEngine

Embed Size (px)

Citation preview

Page 1: 15 most valuable reports with CFEngine

15 valuable reports

Nick Anderson
This one is a bit misleading. The only HEALTH alert we have is for low disk space on the root (/) volume. Hosts not reporting and agents not running dont show up in the dasboard widget, they show up in the health indicator at the top, and no alert messages are sent about them.
Page 2: 15 most valuable reports with CFEngine


Change reports - What changes has CFEngine made to my system?New in version 3.7, you can filter on dates and see all CFEngine changes written to your system. Use it to prove compliance and detect recurring repairs / unintended changes.

Page 3: 15 most valuable reports with CFEngine


Software updates - What updates are available?This out of the box report integrates with your package managers and gives you all the available patches and patch version. Quickly filter on any patch name, version or group of servers

Page 4: 15 most valuable reports with CFEngine


Software installed - What software is installed on my systems?This out of the box report shows you all software installed on all managed systems, and allows you to quickly filter on servers, software and/or architecture

Page 5: 15 most valuable reports with CFEngine


File integrity - Have any of my monitored files been changed?This out of the box report gives you an overview of all changes to files that, in policy, have been defined to be monitored by CFEngine for change. It is also possible to show the actual change / diff that were made.

Page 6: 15 most valuable reports with CFEngine


Policy compliance - Are any of my policies out of compliance?This out of the box report gives you an overview of all non compliant (called ‘promise not kept’) policies in your infrastructure, and the accumulated times the specific parts of the policy have not been in compliance.

Page 7: 15 most valuable reports with CFEngine


Policy compliance - Why is my policy not in compliance?With CFEngine it is easy to create a report which shows you all non-compliant policies, and include the log message describing why CFEngine has not been able to repair and converge into compliance

Page 8: 15 most valuable reports with CFEngine


Inventory - What is the OS distribution in my infrastructure?This out-of-the-box report quickly gives you an overview of the distribution of OS and their versions. Combine this with advanced filtering to see where the different systems are running.

Page 9: 15 most valuable reports with CFEngine


Inventory - What does my infrastructure look like?This out-of-the-box report contains several various attributes of your system which have been automatically detected by the CFEngine agent running locally on each server. The inventory is updated on each run (every 5 minutes), and gives you live insight into your inventory.

Page 10: 15 most valuable reports with CFEngine


Which servers are listening to port 6379?The out-of-the-box inventory reports from CFEngine allows you to quickly filter any inventory data, for instance to look up if specific ports are open or not.

Page 11: 15 most valuable reports with CFEngine


Package Repos - How is YUM configured on my nodes?This custom report shows you the yum repositories that are configured as enabled or disabled as well as the yum plugins that are enabled.

Page 12: 15 most valuable reports with CFEngine


SSH Host Keys - Which hosts have duplicate SSH host keys?These custom reports show you which key types are in use and which have duplicate ssh host keys.

Page 13: 15 most valuable reports with CFEngine


Kernel settings - How is my linux kernel configured on boot?This custom reports shows you which hosts were booted with crashkernel=auto.

Page 14: 15 most valuable reports with CFEngine


NTP Configuration - How are my hosts configured?This custom report shows how ntp is configured and which hosts are NOT using a centos.pool.ntp.org time source.

Page 15: 15 most valuable reports with CFEngine


Security - Center for Internet Security Benchmarks - Am I compliant?This custom reports shows which CentOS 6 hosts are not compliant with CIS 1.1.7 (separate partition for /var/log).

Page 16: 15 most valuable reports with CFEngine


Which hosts have ip forwarding enabled in /etc/sysctl.conf?This custom reports shows hosts that have net.ipv4.ip_forward set to 1 in /etc/sysctl.conf

Page 17: 15 most valuable reports with CFEngine


Did you like any of these reports?

If you are an Enterprise customer, please let us know and we will tell you how to create these

Please send an email to [email protected]