[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Réf. : Pulling files from all hosts to one host.
From: |
paguerlais |
Subject: |
Réf. : Pulling files from all hosts to one host. |
Date: |
Fri, 25 Jul 2003 10:27:33 +0200 |
Here are some ideas to deal with your problem :
- use a secured tunnel (VPN, IPSec, ...) between your clients and your
central log server
- use SSH to copy your files. A simple shell script can do the job.
- try to send your logs through syslog and get them with syslog-ng. The
transport must of course be done in a secured tunnel (VPN, IPSec, ...).
Patrice
help-cfengine-bounces+paguerlais=airfrance.fr@gnu.org@rimspace.net> le
25/07/2003 02:00:22
Envoyé par : Daniel Pittman <daniel@rimspace.net>
Pour : help-cfengine@gnu.org
cc :
Objet : Pulling files from all hosts to one host.
One of the things I want to achieve in my infrastructure is to have a
central host where log reports are gathered from the rest of the
machines.
Now, I can't afford to have these reports tampered with in flight, and I
can't afford to reveal the content of the reports in transit. Worse, I
need to ensure that as much as possible can be recovered from them if
they are tampered with...
So, since I already have this nice, big web of trust with cfengine
handing around I wanted to use that to pull the reports from the client
machines.
My first through was to iterate over a list of all hosts in a copy
command, but that can't be done; copy doesn't iterate.
After a bunch of reading and thinking, the best I can come up with is to
write a shell script that gets called with iteration, and to have that
script invoke cfengine with a custom-generated config file from that.
Can anyone suggest a better way of doing this? I would rather avoid
introducing another trust layer if I can avoid it, since that's a real
PITA to manage.
Daniel
--
Nothing is more beautiful than the loveliness of the woods before sunrise.
-- George Washington Carver
_______________________________________________
Help-cfengine mailing list
Help-cfengine@gnu.org
http://mail.gnu.org/mailman/listinfo/help-cfengine
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- Réf. : Pulling files from all hosts to one host.,
paguerlais <=