[Beowulf] Configuration change monitoring

Walid walid.shaari at gmail.com
Thu Aug 30 10:56:03 PDT 2007


Hi mark

On 8/30/07, Mark Hahn <hahn at mcmaster.ca> wrote:
>
> > There is a big push where i work to use commercial monitoring, and
> service
>
> I'm terribly sorry.  this is a sign that accountants have eaten
> the brains of your IT heads.


It is more the ITIL standards, and Commercial vendor  lobbying, our
accountants are clueless :)

HPC clusters are normally a horde of clones.  no configuration change
> is applied individually to a node, but rather applied en-mass.
> reimaging nodes is not a huge big deal, for instance (and a non-event
> if you use nfs-root - definitely a good idea in some cases.)
>

True The only frequent changes are user account modification, mounted nfs
files, and scheduler configurations files if log level need to be altered. I
can just write a script or use a file integrity checker to check these. The
problem is that the department that is asking us to implement configuration
change monitoring based on a security audit items want more  than that, want
to know if a service was modified, and was that according to an agreed
policy or not.? I was thinking maybe if i can estabilsh some baselines
through ganglia, and log monitoring probably using SEC, I could advise a
solution, and the alerting probably could be done using
SEC/GroundWorks/Zenoss

regards

Walid
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.beowulf.org/pipermail/beowulf/attachments/20070830/845f34c4/attachment.html>


More information about the Beowulf mailing list