audit_from_command
Execute an audit only command and reports depending on exit code.
⚙️ Compatible targets: Linux
Parameters
Name | Documentation |
---|---|
command | Command to run. This parameter is required. |
compliant_codes | List of codes that produce a compliant status separated with commas (ex: 1,2,5). This parameter is required. |
Outcome conditions
You need to replace ${command}
with its actual canonified value.
- ✅ Ok:
audit_from_command_${command}_ok
- ☑️ Already compliant:
audit_from_command_${command}_kept
- 🟨 Repaired:
audit_from_command_${command}_repaired
- ☑️ Already compliant:
- ❌ Error:
audit_from_command_${command}_error
Example
method: audit_from_command
params:
compliant_codes: VALUE
command: VALUE
Documentation
Execute an audit only command and reports depending on the exit codes given in parameters. If an exit code is not in the list it will lead to an error status. The command is always executed and the report is adapted to work properly in enforce and in audit mode. It is up to you to make sure the command doesn't modify the system status at all since it is always executed, even in audit mode.