https://github.com/skipmcgee/host_security

Red Hat Enterprise Linux 6 & 7 security tool for enumerating security and IT operations-relevant information on a host and forwarding to a SIEM or enterprise syslog server in key='value' format.

cyber cybersecurity linux python3 rhel6 rhel7 security security-tools syslog

Last synced: 3 months ago

## RHEL 6 & 7 Host Security Tool
This package consists of a host enumeration script (hostinfo.py) and an Ansible playbook that copies the script to the host and creates a weekly cron job to run it.
### The script (hostinfo.py):
Identifies security-relevant data and sends it to your SIEM or syslog collector in key='value' syntax. An XML user-account scrubber is included; it can easily be modified for your environment if you store your user account data in XML. Before running hostinfo.py, validate that the modules it imports exist and can be installed in your environment.
### The Ansible playbook (ansible-playbook-hostinfo.yml):
Before executing the playbook, validate the directory paths and the users that will run it (these may require adjustment for your environment). Items that need to be tweaked for your environment are identified with "{}".
#####
Requires Python 3.2+ on either RHEL 6 or RHEL 7. Because the script uses platform.dist, it cannot be run with Python 3.7+.