auditd

Configures auditd and add some standard rule

Module Stats

11,063 downloads

7,555 latest version

4.6 quality score

Support the Puppet Community by contributing to this module

You are welcome to contribute to this module by suggesting new features, currency updates, or fixes. Every contribution is valuable to help ensure that the module remains compatible with the latest Puppet versions and continues to meet community needs. Complete the following steps:

Review the module’s contribution guidelines and any licenses. Ensure that your planned contribution aligns with the author’s standards and any legal requirements.
Fork the repository on GitHub, make changes on a branch of your fork, and submit a pull request. The pull request must clearly document your proposed change.

For questions about updating the module, contact the module’s author.

Version information

released Jan 16th 2016

This version is compatible with:

Start using this module

Installation method

Add this module to your Puppetfile:

mod 'lgbarn-auditd', '1.0.0'

Learn more about managing modules with a Puppetfile

Add this module to your Bolt project:

bolt module add lgbarn-auditd

Learn more about using this module with an existing project

Manually install this module globally with Puppet module tool:

puppet module install lgbarn-auditd --version 1.0.0

Documentation

lgbarn/auditd — version 1.0.0 Jan 16th 2016

Overview
Module Description - What the module does and why it is useful
Setup - The basics of getting started with auditd
- What auditd affects
- Beginning with auditd
Usage - Configuration options and additional functionality
Reference - An under-the-hood peek at what the module is doing and how
Limitations - OS compatibility, etc.
Development - Guide for contributing to the module

Overview

This module will install a basic template for auditd rules. Thss should be a starting point for security auditing on your Linux server

Module Description

This module edits the default /etc/audit/auditd.conf and adds a /etc/audit/audit.rules file to the server and restarts auditd.

Setup

What auditd affects

/etc/audit/auditd.conf
/etc/audit/audit.rules
RPM Package audit will be installed
Servce auditd will be turned on and started

Beginning with auditd

Install module with sudo puppet module install auditd or use r10k.

Usage

Use the following syntax to get this module working:

include auditd

class { 'auditd': }

Reference

Classes

Public Classes

auditd: Installs and configures auditd on your server.

<<<<<<< HEAD ####Private Classes

auditd::config: Configures the module.
auditd::install: Installs auditd package on your server.
auditd::params: Sets parameters for module.
auditd::service: Configures auditd service.

Private Classes

<<<<<<< HEAD

auditd::config: Configures the module.
auditd::install: Installs auditd package on your server.
auditd::params: Handle parameters to module.
auditd::service: Configures auditd service.

e4b38a3... added space for proper markdown formatting
auditd::config: Configures the module.
auditd::install: Installs auditd package on your server.
auditd::params: Handle parameters to module.
auditd::service: Configures auditd service.

5bc0cb1... added module install specifics

Limitations

This module has only been tested on RedHat,CentOS and it derivatives. All other distributions are not supported.

Development

This module is public and can be found on githubhere

Changelog

1.0.0

Deleted Gemfile.lock because it is not needed
Added several directories that need to be ignored and should not be tracked
Modified Gemfile and spec requirements to rewrite spec tests
Modified spec tests and module to new format for puppet 4 specifications
Added Gemfile.lock file
Added support for Puppet versions 3.8, 4.0, 4.1 and 4.2 for travis-ci testing
Removed FUTURE_PARSER from .travis file because future is now
Removed extra class check
Added space for proper markdown formatting
Added module install specifics
Removed testing code for server temporarily
Added vagrant-wrapper dependency
Cleaned up code to conform to best practice
Modified .travis.yml so CI is only automated to master and production branches

0.8.0

converted anchors to contain statements
re-added spec testing

0.7.3

corrected url

0.7.2

Added travis testing url

0.7.1

corrected links in metadata

0.7.0

added Linux Support metadata
changed module name in README.md
Added code for Code Climate checks in Travis
Removed spec/classes and included spec check by default
cleaned up errors
corrected scope and lint errors
added metadata-json-lint for travis site
copied Rakefile
renamed travis file
adding travis.yml file for testing

0.6.0

changed description and license
properly formatted and encapsulated describe statements
added the proper serverspec tests
added .vagrant directory to .gitignore
changed class definition and changed apply_manifest options
corrected errors that prevented module install to correct paths
added .gitignore file
removed stdlib since it was only needed for rspec testing
added acceptance testing
Cleaned up syntax and added chaining
added spec files for testing module
added rspec_helper.rb to puppet skeleton
added rspec puppet skeleton
exclude direct root since this is not allowed
add auditing of users executing root commands
add userdel to list of programs to monitor
changed audit.rules name
changed audit.rules location
corrected audit.rules source file
corrected package name
corrected syntax error
added default rules
added default chaining
changed module class name to a more standard convention
removed commas from end of lines
Corrected spelling

0.5.0

modified init.pp to use params.pp
added params.pp file
added config.pp file
Converted lines to parameters fro params.pp
added service.pp
added install.pp
changed resource to file

0.4.0

added project file
modified source metadata
modified version_requirement keyword
corrected module name to match class in init.pp
added author
commented include line
Added TODO list

Modules

Discover

Contribute

Puppet

Premium features

Downloads

Resources

About Forge

Getting Started