Unfortunately, I very much share Felix's fear in getting swamped by facts. I mean, there are *thousands* of CVEs.
Good goal though, I'll have to think about this. Trevor On Mon, Oct 13, 2014 at 12:41 PM, Garrett Honeycutt <[email protected] > wrote: > On 10/13/14 8:59 AM, Trevor Vaughan wrote: > > Would it be possible to side-load this into PuppetDB? > > > > For instance, instead of running the full list of checks with every run > > of puppet, have a cron job (or something) that runs the list and feeds > > the data directly into PuppetDB for the node. > > > > That would take the pressure off of each Puppet run but still make the > > data available. > > > > A nifty MCollective plugin for triggering full runs or targeting > > specific CVE regexes would be handy for catching things like Shellshock. > > > > For skipping facts, why not use a JSON/YAML file? > > > > Trevor > > > > Hi Trevor, > > Goal is to use facts so vulnerabilities could be determined without > Puppet while also working with Puppet and its ecosystem - PuppetDB and > MCollective. > > Good idea on skipping facts using structured data. While that is easy on > the fact side to implement in ruby, it seems easier to implement from > puppet using either file{} or file_line{} as I want to maintain the > ability to specify an array of facts to skip through Hiera. > > BTW: Could really use help adding code to check for more CVE's :) > > Best regards, > -g > > -- > Garrett Honeycutt > @learnpuppet > Puppet Training with LearnPuppet.com > Mobile: +1.206.414.8658 > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/puppet-users/543C00CE.1000301%40garretthoneycutt.com > . > For more options, visit https://groups.google.com/d/optout. > -- Trevor Vaughan Vice President, Onyx Point, Inc (410) 541-6699 [email protected] -- This account not approved for unencrypted proprietary information -- -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CANs%2BFoUMETU4nmeAjWEvU7R7N2w8LfadLnRyFtv9YcHPQb-mSg%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
