Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Learning Puppet Security
  • Table Of Contents Toc
Learning Puppet Security

Learning Puppet Security

By : Slagle
4 (3)
Buy this Book
close
close
Learning Puppet Security

Learning Puppet Security

4 (3)
By: Slagle
Buy this Book

Overview of this book

If you are a security professional whose workload is increasing, or a Puppet professional looking to increase your knowledge of security, or even an experienced systems administrator, then this book is for you. This book will take you to the next level of security automation using Puppet. The book requires no prior knowledge of Puppet to get started.
Table of Contents (12 chapters)
close
close
close
Preface
Icon
Preface
Icon
What this book covers
Icon
What you need for this book
Icon
Who this book is for
Icon
Convention
Icon
Reader feedback
Icon
Customer support
Lock Free Chapter
1
1. Puppet as a Security Tool
Icon
1. Puppet as a Security Tool
Icon
What is Puppet?
Icon
Installing and configuring Puppet
Icon
Preparing the environment for examples
Icon
Puppet for security and compliance
Icon
Example – using Puppet to secure openssh
Icon
Summary
2
2. Tracking Changes to Objects
Icon
2. Tracking Changes to Objects
Icon
Change tracking with Puppet
Icon
The audit meta-parameter
Icon
Using audit on files
Icon
Auditing the password file
Icon
Audit on other resource types
Icon
Auditing a package
Icon
Things to know about audit
Icon
Alternatives to auditing
Icon
Using noop
Icon
Summary
3
3. Puppet for Compliance
Icon
3. Puppet for Compliance
Icon
Using manifests to document the system state
Icon
Tracking history with version control
Icon
Facts for compliance
Icon
The PCI DSS and how Puppet can help
Icon
Summary
4
4. Security Reporting with Puppet
Icon
4. Security Reporting with Puppet
Icon
Basic Puppet reporting
Icon
PuppetDB and reporting
Icon
Reporting for compliance
Icon
Summary
5
5. Securing Puppet
Icon
5. Securing Puppet
Icon
Puppet security related configuration
Icon
SSL and Puppet
Icon
Autosigning certificates
Icon
Summary
6
6. Community Modules for Security
Icon
6. Community Modules for Security
Icon
The Puppet Forge
Icon
The herculesteam/augeasproviders series of modules
Icon
The arildjensen/cis module
Icon
The saz/sudo module
Icon
The hiera-eyaml gem
Icon
Summary
7
7. Network Security and Puppet
Icon
7. Network Security and Puppet
Icon
Introducing the firewall module
Icon
The firewall type
Icon
The firewallchain type
Icon
Creating pre and post rules
Icon
Adding firewall rules to other modules
Icon
Summary
8
8. Centralized Logging
chevron up
Icon
8. Centralized Logging
Icon
Welcome to logging happiness
Icon
Logstash and Puppet
Icon
Installing Elasticsearch
Icon
Reporting on log data
Icon
Configuring hosts to report log data
Icon
Summary
9
9. Puppet and OS Security Tools
Icon
9. Puppet and OS Security Tools
Icon
Introducing SELinux and auditd
Icon
SELinux and Puppet
Icon
Configuring SELinux with community modules
Icon
Configuring auditd with community modules
Icon
Summary
10
A. Going Forward
Icon
A. Going Forward
Icon
What we've learned
Icon
Where to go next
Icon
Final thoughts
11
Index
Icon
Index

Welcome to logging happiness

As previously mentioned, logging presents a challenge to many organizations. Gathering and processing log files is required for a number of reasons. It is used to watch for anomalous behavior as well as look for unauthorized activity.

For many years, a centralized syslog host was the most common method used to implement centralized logging. All of the hosts would ship their logs to one place and analysis was done there.

This worked OK for systems that used syslog for all logging. However, syslog has some drawbacks. It lacks a good way to deal with multiline records. Additionally, it only has a limited number of granularity levels so everything ended up logged in several giant log files. Attempts were made with various syslog agents to overcome some of these challenges, but there had to be a more complete way to handle the problem.

Enter Logstash. Logstash is nothing more than a system that takes input from multiple sources, parses it, and stores that output elsewhere...

CONTINUE READING
83
Tech Concepts
36
Programming languages
73
Tech Tools
Icon Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.
Icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Icon 50+ new titles added per month and exclusive early access to books as they are being written.
Learning Puppet Security
End of Section 8
Next Section
notes
bookmark Notes and Bookmarks search Search in title playlist Add to playlist font-size Font size

Change the font size

margin-width Margin width

Change margin width

day-mode Day/Sepia/Night Modes

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY

Submit Your Feedback

Modal Close icon
Modal Close icon
Modal Close icon