audit_from_command

Execute an audit only command and reports depending on exit code.

⚙️ Compatible targets: Linux

Parameters

NameDocumentation
commandCommand to run.

This parameter is required.
compliant_codesList of codes that produce a compliant status separated with commas (ex: 1,2,5).

This parameter is required.

Outcome conditions

You need to replace ${command} with its actual canonified value.

  • ✅ Ok: audit_from_command_${command}_ok
    • ☑️ Already compliant: audit_from_command_${command}_kept
    • 🟨 Repaired: audit_from_command_${command}_repaired
  • ❌ Error: audit_from_command_${command}_error

Example

method: audit_from_command
params:
  compliant_codes: VALUE
  command: VALUE

Documentation

Execute an audit only command and reports depending on the exit codes given in parameters. If an exit code is not in the list it will lead to an error status. The command is always executed and the report is adapted to work properly in enforce and in audit mode. It is up to you to make sure the command doesn't modify the system status at all since it is always executed, even in audit mode.