FreeBSD pkgaudit xymon script
list Mark Felder
I hacked together a script to collect pkgaudit data with Xymon and potentially alert when one of your servers has vulnerable packages installed. It can also optionally run pkgaudit against all of your jails on the server in case you don't want to have a separate xymon-client in each jail. The jails can be filtered out with grep and by default ignore jails with "poudriere" in the name or path as those are short lived and would be false positives. I'm considering having it be installed by default with the net-mgmt/xymon-client port and I'm also unsure if I should enable it by default. The data output is simple and could probably be improved, but it seems to serve the purpose well enough. I've also thrown it on github so if anyone cares enough to tweak and tune it I'll certainly be interested in your changes. https://github.com/feld/xymon-ext-scripts/ Cheers!
list Galen Johnson
Have you considered adding it to Xymonton, as well?
▸
On Tue, Jan 13, 2015 at 8:58 PM, Mark Felder <user-db141d317836@xymon.invalid> wrote:
I hacked together a script to collect pkgaudit data with Xymon and potentially alert when one of your servers has vulnerable packages installed. It can also optionally run pkgaudit against all of your jails on the server in case you don't want to have a separate xymon-client in each jail. The jails can be filtered out with grep and by default ignore jails with "poudriere" in the name or path as those are short lived and would be false positives. I'm considering having it be installed by default with the net-mgmt/xymon-client port and I'm also unsure if I should enable it by default. The data output is simple and could probably be improved, but it seems to serve the purpose well enough. I've also thrown it on github so if anyone cares enough to tweak and tune it I'll certainly be interested in your changes. https://github.com/feld/xymon-ext-scripts/ Cheers!
list Mark Felder
▸
On Tue, Jan 13, 2015, at 20:00, Galen Johnson wrote:
Have you considered adding it to Xymonton, as well?
I may, but I don't know if I want to go through the hassle of updating it on the Xymonton site every time I make a slight modification / improvement. It's just a bit inconvenient.
list Jeremy Laidman
You don't need to have the script uploaded to Xymonton, just mentioned. Just have a quick blurb about your script and a link to your own page.
▸
On 15 January 2015 at 00:56, Mark Felder <user-db141d317836@xymon.invalid> wrote:
On Tue, Jan 13, 2015, at 20:00, Galen Johnson wrote:Have you considered adding it to Xymonton, as well?I may, but I don't know if I want to go through the hassle of updating it on the Xymonton site every time I make a slight modification / improvement. It's just a bit inconvenient.