I am running this in my task file (tried shell, command, and raw). Any
idea why and how to work around the issue?:
- name: Check number of AVCs
ansible.builtin.raw: "aureport | grep -i avc"
register: avcreport
- debug:
var: avcreport
It returns a report with all zero values, but if I run this directly on a
server I get non-zero values. Can't seem to figure out why:
"aureport_output.stdout_lines": [
"",
"Summary Report",
"======================",
"Range of time in logs: 01/01/1970 00:00:00.000 - 01/01/1970
00:00:00.000",
"Selected time for report: 01/01/1970 00:00:00 - 01/01/1970
00:00:00.000",
"Number of changes in configuration: 0",
"Number of changes to accounts, groups, or roles: 0",
"Number of logins: 0",
"Number of failed logins: 0",
"Number of authentications: 0",
"Number of failed authentications: 0",
"Number of users: 0",
"Number of terminals: 0",
"Number of host names: 0",
"Number of executables: 0",
"Number of commands: 0",
"Number of files: 0",
"Number of AVC's: 0",
"Number of MAC events: 0",
"Number of failed syscalls: 0",
"Number of anomaly events: 0",
"Number of responses to anomaly events: 0",
"Number of crypto events: 0",
"Number of integrity events: 0",
"Number of virt events: 0",
"Number of keys: 0",
"Number of process IDs: 0",
"Number of events: 0"
*Directly on the server I get this:*
Summary Report
======================
Range of time in logs: 05/08/2024 02:48:03.967 - 05/08/2024 22:10:09.990
Selected time for report: 05/08/2024 02:48:03 - 05/08/2024 22:10:09.990
Number of changes in configuration: 0
Number of changes to accounts, groups, or roles: 0
Number of logins: 15
Number of failed logins: 705
Number of authentications: 3
Number of failed authentications: 0
Number of users: 3
Number of terminals: 6
Number of host names: 5
Number of executables: 21
Number of commands: 31
Number of files: 1401
Number of AVC's: 15184
Number of MAC events: 1124
Number of failed syscalls: 544
Number of anomaly events: 0
Number of responses to anomaly events: 0
Number of crypto events: 4990
Number of integrity events: 0
Number of virt events: 0
Number of keys: 0
Number of process IDs: 10864
Number of events: 70010
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/1d4727fa-01e6-4179-9e59-6bc17b49ca8fn%40googlegroups.com.
