This series of blogs, Monthly Module Mondays, started on April Fool’s Day 2024 by discussing how to Inventory and remediate Red Hat Enterprise Linux with Security Technical Implementation Guides (STIGs). It has now reached its 10th installment, which showcases a couple of modules for taking stock of what services are running on your systems.
Command line tools are useful!
Both systemd and Windows Services have command line tools, systemctl and PowerShell’s Get-Service, that support output of running services as JSON-format lists. That makes it easy to bring in the power of CFEngine to run commands, read JSON files and collect inventory, which can be used for many purposes such as reporting, alert widgets, compliance reports and our new Groups feature.
Add some modules
To add this inventory, simply add two modules, inventory-systemd and inventory-windows-services, to your Build project, either via the cfbs command line tool or in Mission Portal with the Build app.
Inventory report with services running information
After the project is pushed and deployed to hosts, and the hosts have had a chance to collect the information and report back, we can run the Inventory report and add two columns: Systemd service units running and Windows services running.
We now see a list of services running on each system.
From here we can use this information.
Services running compliance report
For example, we can create a compliance report that states that the CFEngine service must be running on every host, regardless of Linux or Windows.
Creating a new compliance report and adding two checks, we use the inventory we have gathered and check that:
Systemd service units running matches cf-execd.service for hosts that match the linux class, and
Windows services running matches Cfengine Nova Executor for hosts that match the windows class.
And voila! I have 100% compliance!
If I visit one host, rocky-9, run systemctl stop cf-execd; systemctl disable cf-execd, and use the Host Info page to collect fresh reports, my compliance changes to 75%.
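The same two checks can be reproduced offline against raw JSON service listings. This is an added example, not code from the modules or from CFEngine. It assumes the listings have the shape produced by `systemctl list-units --type=service --output=json` and `Get-Service | ConvertTo-Json`, and that the Windows check matches on the service display name; all host names except rocky-9 and all sample data are constructed.

```python
import json

# Constructed sample listings (not from the original post), trimmed to the fields used.
# Assumed shapes: `systemctl list-units --type=service --output=json` on Linux and
# `Get-Service | ConvertTo-Json` on Windows.
LINUX_OK = '''[{"unit": "cf-execd.service", "load": "loaded", "active": "active", "sub": "running"},
               {"unit": "sshd.service", "load": "loaded", "active": "active", "sub": "running"}]'''
LINUX_STOPPED = '[{"unit": "sshd.service", "load": "loaded", "active": "active", "sub": "running"}]'
WINDOWS_OK = '''[{"DisplayName": "Cfengine Nova Executor", "Status": 4},
                 {"DisplayName": "Print Spooler", "Status": 1}]'''
# ConvertTo-Json emits a bare object, not an array, when only one service is piped in.
WINDOWS_SINGLE = '{"DisplayName": "Cfengine Nova Executor", "Status": "Running"}'

# Required service per platform class, as in the two compliance checks above.
# Matching Windows services on DisplayName is an assumption of this example.
REQUIRED = {"linux": "cf-execd.service", "windows": "Cfengine Nova Executor"}
# ServiceControllerStatus.Running serializes as 4, or "Running" with -EnumsAsStrings.
WINDOWS_RUNNING = (4, "Running")


def running_services(platform, raw_json):
    """Return the set of running service names from one host's JSON listing."""
    entries = json.loads(raw_json)
    if isinstance(entries, dict):  # single-object output, see WINDOWS_SINGLE
        entries = [entries]
    if platform == "linux":
        return {e["unit"] for e in entries if e.get("sub") == "running"}
    return {e["DisplayName"] for e in entries if e.get("Status") in WINDOWS_RUNNING}


def compliance(hosts):
    """hosts: {name: (platform, raw_json)} -> (percent compliant, failing host names)."""
    if not hosts:
        return 100.0, []
    failing = sorted(name for name, (platform, raw) in hosts.items()
                     if REQUIRED[platform] not in running_services(platform, raw))
    return 100.0 * (len(hosts) - len(failing)) / len(hosts), failing


# rocky-9 is the host named in the post; the other host names are constructed.
HOSTS = {"rocky-9": ("linux", LINUX_OK), "linux-b": ("linux", LINUX_OK),
         "win-a": ("windows", WINDOWS_OK), "win-b": ("windows", WINDOWS_SINGLE)}

if __name__ == "__main__":
    print(compliance(HOSTS))
    print(compliance({**HOSTS, "rocky-9": ("linux", LINUX_STOPPED)}))
```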
Questions?
If you have questions or need help, reach out on the mailing list or GitHub discussions. If you have a support contract, feel free to open a ticket in our support system.