A puppet module that installs lynis [rootkit.nl/projects/lynis.html] and allows you to configure profiles with associated daily cron entries. A script is provided as well that converts converts the lynis-report.dat file to json, adds the @timestamp and @version keys, and appends it to a file to be imported straight into logstash.
Generic lynis install
class { 'lynis': }
Adding a profile to be run manually
lynis::profile { 'my_profile':
profile_name => 'my_profile',
source => 'puppet:///data/lynis/my_profile.prf',
}
Adding a profile and using the random hour/minute cron settings, with JSONification of the report
lynis::profile { 'my_profile':
profile_name => 'my_profile',
source => 'puppet:///data/lynis/my_profile.prf',
cron => true,
logstashify => true,
}
Only tested on CentOS 6
License:
Released under the Apache 2.0 licence
- Fork it
- Create a topic branch
- Improve/fix
- Push new topic branch
- Submit a PR