hi there,
i know this question has probably been asked a hundred times before....i've
also done some digging in our beloved ossec google groups, but haven't
found the right answer yet.
i want to deploy the ossec-agents with puppet, and therefore i'd need a
puppet manifest. i have already added the atomic rpm's to our local repo.
so far i found this manifest in the ossec groups.
class node_security::ossec::agent {
# Define variables
$ossec_server = extlookup("ossec_server")
# Install RPM
$wantedpackages = [ "ossec" ]
package { $wantedpackages:
ensure => installed,
require => Yumrepo[internal_repos],
}
# Install ossec configuration file
file {"/var/ossec/etc/ossec.conf":
owner => root,
# OSSEC gid is 11002
group => 11002,
mode => 0644,
content =>
template("node/ossec/agent/ossec.conf.erb"),
require => Package["ossec"],
}
# With OSSEC 2.6 server, autoregistration is enabled
exec { "AutoRegistration process":
command => "/var/ossec/bin/agent-auth -m
${ossec_server} || true"
,
creates => "/var/ossec/etc/client.keys",
require => Package["ossec"],
subscribe => File["/var/ossec/etc/ossec.conf"],
}
# Start OSSEC service at boot
service { ossec:
name => ossec,
enable => true,
ensure => running,
hasrestart => true,
hasstatus => true,
require => [ Package["ossec"],
Exec["AutoRegistration process"] ],
}
}
is this sufficient or do I need more?
ideally i would like to roll out the agent rpm's to my servers....so from
what I see this puppet manifest also initiates/generates the client keys
roll-out?! this is superb news....so this means the installation process is
fully automated?!
does anything else need to be done manually?
very much looking forward to your advice/help!
thanks,
theresa
--
---
You received this message because you are subscribed to the Google Groups
"ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/groups/opt_out.
