Comments (4)
hi @txsastre
The audit can run in an automated way from remediate, i you look at the defaults/main.yml you will see a few settings you may want to change.
setup_audit
run_audit
There is more information in the readthedocs
there has been a few questions around this so watch the community as we may post a video to provide further information.
Hope that helps
uk-bolly
from ubuntu22-cis-audit.
hi there
thank you very much I've changed in /defaults/main.yml
##########################################
## Refer to vars/auditd.yml for any other settings ##
# Allow audit to setup the requirements including installing git (if option chosen and downloading and adding goss binary to system)
setup_audit: true
# enable audits to run - this runs the audit and get the latest content
run_audit: true
# Only run Audit do not remediate
audit_only: true
# As part of audit_only
# This will enable files to be copied back to control node
fetch_audit_files: true
but it also has modified the clients (hardened)
also checked community in https://discord.io/ansible-lockdown but it does not load
a video of how to configure all together would be really great.
by the way thank you very much for you playbooks and work
from ubuntu22-cis-audit.
hi @txsastre
I believe we have been speaking on discord, with the audit_only option? Can you confirm this is now working as expected and this can now be closed?
Many thanks
uk-bolly
from ubuntu22-cis-audit.
yes it it.
we solved the problems via Discord.
This can be close.
Thanks
from ubuntu22-cis-audit.
Related Issues (14)
- Wrong object to test and result in 1.1.24 HOT 1
- Ubuntu 22.04 (1.0.0) benchmark released HOT 3
- Error: template: test:85:33: executing "test" at <.Vars.machine_uuid>: map has no entry for key "machine_uuid" HOT 1
- Incorrect templating for level1/2 vars
- 6.1.8 and 6.1.9 are the same
- Results are not consistent in CIS audit output HOT 1
- Incorrect check HOT 1
- 5.4.5 (Ensure all current passwords uses the configured hashing algorithm) should accept an exit-code of '1' HOT 1
- Audit 1.4.3 | Ensure authentication required for single user mode fails when root password is set using yescrypt (now default in Ubuntu 22.x) HOT 1
- step 2.1.1.1 timesync daemon failed sometimes. HOT 1
- Extra or: in section_6/cis_6.2/cis_6.2.3.yml HOT 2
- Broken link to Goss documentation
- The CIS 4.1.3.2 check is not working HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ubuntu22-cis-audit.