I will give it a try, thank you. Sorry about the slow reply--been a busy day
On Thursday, May 9, 2024 at 1:30:29 AM UTC-6 Dick Visser wrote: > In any case, the following tasks works fine for me: > > > --- > - name: test > become: true > hosts: bar > tasks: > - name: foo > command: aureport > register: out > > - debug: var=out.stdout_lines > > > > > TASK [debug] > *************************************************************************************** > ok: [bar] => > out.stdout_lines: > - '' > - Summary Report > - ====================== > - 'Range of time in logs: 05/09/2024 09:21:28.628 - 05/09/2024 > 09:28:42.513' > - 'Selected time for report: 05/09/2024 09:21:28 - 05/09/2024 09:28:42.513' > - 'Number of changes in configuration: 3' > - 'Number of changes to accounts, groups, or roles: 0' > - 'Number of logins: 6' > - 'Number of failed logins: 0' > - 'Number of authentications: 1' > - 'Number of failed authentications: 0' > - 'Number of users: 4' > - 'Number of terminals: 9' > - 'Number of host names: 3' > - 'Number of executables: 6' > - 'Number of commands: 5' > - 'Number of files: 0' > - 'Number of AVC''s: 0' > - 'Number of MAC events: 0' > - 'Number of failed syscalls: 0' > - 'Number of anomaly events: 0' > - 'Number of responses to anomaly events: 0' > - 'Number of crypto events: 0' > - 'Number of integrity events: 0' > - 'Number of virt events: 0' > - 'Number of keys: 0' > - 'Number of process IDs: 49' > - 'Number of events: 221' > > On Thu, 9 May 2024 at 09:28, Dick Visser <[email protected]> wrote: > > > > On Thu, 9 May 2024 at 00:12, John Harmon <[email protected]> wrote: > > > > > > I am running this in my task file (tried shell, command, and raw). Any > idea why and how to work around the issue?: > > > > > > - name: Check number of AVCs > > > ansible.builtin.raw: "aureport | grep -i avc" > > > register: avcreport > > > > > > - debug: > > > var: avcreport > > > > > > It returns a report with all zero values, but if I run this directly > on a server I get non-zero values. Can't seem to figure out why: > > > > > > "aureport_output.stdout_lines": [ > > > "", > > > "Summary Report", > > > "======================", > > > "Range of time in logs: 01/01/1970 00:00:00.000 - 01/01/1970 > 00:00:00.000", > > > "Selected time for report: 01/01/1970 00:00:00 - 01/01/1970 > 00:00:00.000", > > > "Number of changes in configuration: 0", > > > "Number of changes to accounts, groups, or roles: 0", > > > "Number of logins: 0", > > > "Number of failed logins: 0", > > > "Number of authentications: 0", > > > "Number of failed authentications: 0", > > > "Number of users: 0", > > > "Number of terminals: 0", > > > "Number of host names: 0", > > > "Number of executables: 0", > > > "Number of commands: 0", > > > "Number of files: 0", > > > "Number of AVC's: 0", > > > "Number of MAC events: 0", > > > "Number of failed syscalls: 0", > > > "Number of anomaly events: 0", > > > "Number of responses to anomaly events: 0", > > > "Number of crypto events: 0", > > > "Number of integrity events: 0", > > > "Number of virt events: 0", > > > "Number of keys: 0", > > > "Number of process IDs: 0", > > > "Number of events: 0" > > > > This is NOT the output of the task you posted above, because that > > command with the piped grep cannot return all those lines. > > Can you post accurate playbooks and output? > > > > > Directly on the server I get this: > > > > > > > > > Summary Report > > > ====================== > > > Range of time in logs: 05/08/2024 02:48:03.967 - 05/08/2024 > 22:10:09.990 > > > Selected time for report: 05/08/2024 02:48:03 - 05/08/2024 22:10:09.990 > > > Number of changes in configuration: 0 > > > Number of changes to accounts, groups, or roles: 0 > > > Number of logins: 15 > > > Number of failed logins: 705 > > > Number of authentications: 3 > > > Number of failed authentications: 0 > > > Number of users: 3 > > > Number of terminals: 6 > > > Number of host names: 5 > > > Number of executables: 21 > > > Number of commands: 31 > > > Number of files: 1401 > > > Number of AVC's: 15184 > > > Number of MAC events: 1124 > > > Number of failed syscalls: 544 > > > Number of anomaly events: 0 > > > Number of responses to anomaly events: 0 > > > Number of crypto events: 4990 > > > Number of integrity events: 0 > > > Number of virt events: 0 > > > Number of keys: 0 > > > Number of process IDs: 10864 > > > Number of events: 70010 > > > > > > I would suspect some environment variables are off, or the become logic > is off. > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/2e2affab-63af-4f10-bae0-5cdb1108495dn%40googlegroups.com.
