Search icon CANCEL
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Hands-On Enterprise Automation on Linux

You're reading from   Hands-On Enterprise Automation on Linux Efficiently perform large-scale Linux infrastructure automation with Ansible

Arrow left icon
Product type Paperback
Published in Jan 2020
Publisher Packt
ISBN-13 9781789131611
Length 512 pages
Edition 1st Edition
Tools
Arrow right icon
Author (1):
Arrow left icon
James Freeman James Freeman
Author Profile Icon James Freeman
James Freeman
Arrow right icon
View More author details
Toc

Table of Contents (23) Chapters Close

Preface 1. Section 1: Core Concepts
2. Building a Standard Operating Environment on Linux FREE CHAPTER 3. Automating Your IT Infrastructure with Ansible 4. Streamlining Infrastructure Management with AWX 5. Section 2: Standardizing Your Linux Servers
6. Deployment Methodologies 7. Using Ansible to Build Virtual Machine Templates for Deployment 8. Custom Builds with PXE Booting 9. Configuration Management with Ansible 10. Section 3: Day-to-Day Management
11. Enterprise Repository Management with Pulp 12. Patching with Katello 13. Managing Users on Linux 14. Database Management 15. Performing Routine Maintenance with Ansible 16. Section 4: Securing Your Linux Servers
17. Using CIS Benchmarks 18. CIS Hardening with Ansible 19. Auditing Security Policy with OpenSCAP 20. Tips and Tricks 21. Assessments 22. Other Books You May Enjoy

Interpreting results

So far, we have seen that the OpenSCAP scans, especially the XCCDF-based ones, produce nice, easy-to-read reports that you can easily take action on. However, if the reports are not clear to you, then you would not know what needs fixing to rectify the lack of compliance.

Fortunately, both the OVAL policies we used earlier to check for vulnerable packages and the XCCDF-based reports contain enough information for you to do both things.

Let's take an example from our earlier scan of our CentOS 7 server using the SSG version 0.1.47. In this, we failed, among other things, a check called Disable ntpdate Service (ntpdate). Suppose that this result was not obvious to you, and you were unsure what the underlying problem was or why it was an issue. Fortunately, in the HTML report generated from this scan, you can click on the check title. A screen should pop...

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at €18.99/month. Cancel anytime