Hi there,
There is a task in which I will use Chef Infra Server and Chef Client to do file integrity monitoring (or file change tracking) for hundreds of servers, and below is the approach that I came up with.
-
Prepare a program to generate snapshots of a node with the following information, and call this program in the recipe to make sure it generates a new snapshot for that node when chef-client runs.
filepath, filetype, permission, modified_time, size, checksum -
After each chef-client run, the snapshots (txt files) will be sent to a centralized server (here I want to use Chef server)
-
Calculate the diffs based on the snapshots sent from chef-clients on Chef server and forward these diffs to another monitoring platform, say Splunk.
My question is what the best practice is to send the snapshots data from chef client to chef server? Or are there any alternatives to complete task of file change monitoring with Chef?