[Infrastructures] ISconf 4.2.6 prerelease (was: Change Audit Trail)

Steve Traugott stevegt@TerraLuna.Org
Sat, 27 Aug 2005 17:34:19 -0700 

ISconf 4 (http://trac.t7a.org/isconf) executes all changes by reading
the journal rather than the other way around; the host doesn't change
without the journal entry being made first, and the journal entry by
necessity contains everything known about the change.  A complete
audit trail was one of the requirements.

I put in about 140 hours in the last 7 days getting 4.2.6 to late
prerelease condition.  (No, I'm not doing the math wrong, and no, I
don't want to do that again.)  I'm pretty happy with the results,
we're testing now, and I expect 4.2.6 to release in the next several
days.  I'll post a formal release announcement here when that happens.

See http://trac.t7a.org/isconf/pub/ for the latest tarballs, and see
http://trac.t7a.org/isconf/roadmap for features and restrictions of
each release.

Steve


On Sat, Aug 27, 2005 at 12:14:21PM -0600, Kyle Moore wrote:
> How do you maintain an audit trail with a system like ISConf, Radmind or 
> Cfengine? I'm in a tightly audited environment and am going to implement 
> Cobit for the company and, more specifically, ITIL for Service 
> Management. Cornerstones of these three things are reporting to 
> Executive Management and auditing agencies (FDIC, Banking Commission, 
> SEC, NASD, SAS70).
> 
> In the research I have done to determine which system to use I don't see 
> how ISConf, Radmin or Cfengine deal with producing reports detailing the 
> actual change. We have a change management system that gives much of 
> what we need but the other piece I need is a system-generated listing of 
> what exactly changed on the system, who made the change, when was it 
> made, etc. The only thing I can think of is to use Tripwire in addition 
> to one of these tools to track the changes.
> 
> Commercial systems like Opsware, BladeLogic, BMC Marimba and IBM Tivoli 
>  seem to offer full-blown configuration management databases that have 
> prebuilt and custom reporting like I describe above.
> 
> Thanks for reading.
> 
> -- 
> Kyle Moore
> 

> begin:vcard
> fn:Kyle Moore
> n:Moore;Kyle
> adr:;;5283 S Holland St;Littleton ;CO;80123;United States of America
> email;internet:kmoore@mooreimages.com
> tel;home:720-981-5977
> x-mozilla-html:TRUE
> url:http://www.mooreimages.com
> version:2.1
> end:vcard
> 


-- 
Stephen G. Traugott  (KG6HDQ)
UNIX/Linux Infrastructure Architect, TerraLuna LLC
stevegt@TerraLuna.Org 
http://www.stevegt.com -- http://Infrastructures.Org