Oh, thanks. that is really helpful. In parallel, we have been kicking the tires on Insights for our RHEL servers too. We have a few Ubuntu servers, so obviously that won't work for them, but I do like the idea of using a Tripwire/AIDE type tool and then passing it off to Ansible if needed. You have definitely given me some things to ponder.
--John On Tue, Jun 27, 2023 at 5:18 PM Brian Coca <[email protected]> wrote: > For drift control i've found most CM systems to be lacking. I've > always used something like tripwire/aide to detect file changes and > correlate that with the proper configuration updates. Puppet and other > 'resident' systems seemsgood for this but they run every Nminutes > doing a lot of work to verify things, instead of using something like > inotify to trigger immediate response from a passive kenrel hook (via > fam deamon or something as simple as incron). This ends up being a LOT > more efficient and avoids a lot of useless processing. > > -- > ---------- > Brian Coca > > -- > You received this message because you are subscribed to the Google Groups > "Ansible Project" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/ansible-project/CACVha7e7L_4mCsjTXxW7aK0TpastFRmZ3sobo7aCc6%3Dhtk83jA%40mail.gmail.com > . > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAPAjob9_qGAnXG6qFmmWVkjjpsaY%2BBmYC6H%3D75y3qe8pBjoC8w%40mail.gmail.com.
