Book Image

Puppet Cookbook - Third Edition

Book Image

Puppet Cookbook - Third Edition

Overview of this book

Table of Contents (17 chapters)
Puppet Cookbook Third Edition
About the Authors
About the Reviewers

Auditing resources

Dry run mode, using the --noop switch, is a simple way to audit any changes to a machine under Puppet's control. However, Puppet also has a dedicated audit feature, which can report changes to resources or specific attributes.

How to do it...

Here's an example showing Puppet's auditing capabilities:

  1. Modify your site.pp file as follows:

    node 'cookbook' {
      file { '/etc/passwd':
        audit => [ owner, mode ],
  2. Run Puppet:

    [root@cookbook clients]# puppet agent -t
    Info: Caching catalog for
    Info: Applying configuration version '1413789080'
    Notice: /Stage[main]/Main/Node[cookbook]/File[/etc/passwd]/owner: audit change: newly-recorded value 0
    Notice: /Stage[main]/Main/Node[cookbook]/File[/etc/passwd]/mode: audit change: newly-recorded value 644
    Notice: Finished catalog run in 0.55 seconds

How it works...

The audit metaparameter tells Puppet that you want to record and monitor certain things about the resource. The value can be a list of the parameters that...