Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Learning Puppet Security
  • Table Of Contents Toc
Learning Puppet Security

Learning Puppet Security

By : Slagle
4 (3)
Buy this Book
close
close
Learning Puppet Security

Learning Puppet Security

4 (3)
By: Slagle
Buy this Book

Overview of this book

If you are a security professional whose workload is increasing, or a Puppet professional looking to increase your knowledge of security, or even an experienced systems administrator, then this book is for you. This book will take you to the next level of security automation using Puppet. The book requires no prior knowledge of Puppet to get started.
Table of Contents (12 chapters)
close
close
close
Preface
Icon
Preface
Icon
What this book covers
Icon
What you need for this book
Icon
Who this book is for
Icon
Convention
Icon
Reader feedback
Icon
Customer support
Lock Free Chapter
1
1. Puppet as a Security Tool
Icon
1. Puppet as a Security Tool
Icon
What is Puppet?
Icon
Installing and configuring Puppet
Icon
Preparing the environment for examples
Icon
Puppet for security and compliance
Icon
Example – using Puppet to secure openssh
Icon
Summary
2
2. Tracking Changes to Objects
chevron up
Icon
2. Tracking Changes to Objects
Icon
Change tracking with Puppet
Icon
The audit meta-parameter
Icon
Using audit on files
Icon
Auditing the password file
Icon
Audit on other resource types
Icon
Auditing a package
Icon
Things to know about audit
Icon
Alternatives to auditing
Icon
Using noop
Icon
Summary
3
3. Puppet for Compliance
Icon
3. Puppet for Compliance
Icon
Using manifests to document the system state
Icon
Tracking history with version control
Icon
Facts for compliance
Icon
The PCI DSS and how Puppet can help
Icon
Summary
4
4. Security Reporting with Puppet
Icon
4. Security Reporting with Puppet
Icon
Basic Puppet reporting
Icon
PuppetDB and reporting
Icon
Reporting for compliance
Icon
Summary
5
5. Securing Puppet
Icon
5. Securing Puppet
Icon
Puppet security related configuration
Icon
SSL and Puppet
Icon
Autosigning certificates
Icon
Summary
6
6. Community Modules for Security
Icon
6. Community Modules for Security
Icon
The Puppet Forge
Icon
The herculesteam/augeasproviders series of modules
Icon
The arildjensen/cis module
Icon
The saz/sudo module
Icon
The hiera-eyaml gem
Icon
Summary
7
7. Network Security and Puppet
Icon
7. Network Security and Puppet
Icon
Introducing the firewall module
Icon
The firewall type
Icon
The firewallchain type
Icon
Creating pre and post rules
Icon
Adding firewall rules to other modules
Icon
Summary
8
8. Centralized Logging
Icon
8. Centralized Logging
Icon
Welcome to logging happiness
Icon
Logstash and Puppet
Icon
Installing Elasticsearch
Icon
Reporting on log data
Icon
Configuring hosts to report log data
Icon
Summary
9
9. Puppet and OS Security Tools
Icon
9. Puppet and OS Security Tools
Icon
Introducing SELinux and auditd
Icon
SELinux and Puppet
Icon
Configuring SELinux with community modules
Icon
Configuring auditd with community modules
Icon
Summary
10
A. Going Forward
Icon
A. Going Forward
Icon
What we've learned
Icon
Where to go next
Icon
Final thoughts
11
Index
Icon
Index

The audit meta-parameter

The audit meta-parameter is the primary change tracking method currently in Puppet. It was introduced in Puppet 2.6, and it provides a way to monitor a resource without enforcing a state on it.

With the introduction of Puppet Enterprise 1.2, Puppet Enterprise gained a compliance dashboard that allowed you to configure and track file changes. This dashboard has since been removed, but it relied heavily on the audit meta-parameter and allowed you to quickly set up auditing.

The audit meta-parameter is a bit of a divergence in the Puppet world. The declarative nature of Puppet is to model the desired state of a resource and allow Puppet to get it there. The audit meta-parameter can allow you to say that you may not care about the state of an item, but you want to know if it changes.

How it works

The audit system works by keeping track of the state of the attributes you monitor. At the end of every run, it persists the state of those objects.

If at the start of a run Puppet...

CONTINUE READING
83
Tech Concepts
36
Programming languages
73
Tech Tools
Icon Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.
Icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Icon 50+ new titles added per month and exclusive early access to books as they are being written.
Learning Puppet Security
End of Section 2
Next Section
notes
bookmark Notes and Bookmarks search Search in title playlist Add to playlist font-size Font size

Change the font size

margin-width Margin width

Change margin width

day-mode Day/Sepia/Night Modes

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY

Submit Your Feedback

Modal Close icon
Modal Close icon
Modal Close icon