audit.py a friendly auditing tool


Instructions/information:

- audit.py must be run directly from a satellite server itself
- it should work on embedded or external databases
  
-  To run, simply place the file in /root/ and run:
# python audit.py


-  To specify a separator (for a comma delimited list for example):
# python audit.py --separator=','

- Output will be saved to 'audit.txt'
- To validate an audit log:
# python audit.py --validate=audit.txt

- Sample output from audit validation:

[root@dually ~]# python audit.py  --validate=audit.txt
The following should match:
4a10a70e4440c975789f0127606d5950  -
4a10a70e4440c975789f0127606d5950  ./audit.txt

- Validation is meant to stop casual editing (not intended to be secure)



Things checked:

- All systems are printed out in a list (optionally delimited):

id              name                                release    virt status     registration date         last checkin
--------------  ----------------------------------- ---------- --------------- ---------------           -----------------
1000010219      api-virt021SZFOX485LG               5Server    Host            2008-12-19 13:01:47       2008-12-19 13:01:55
1000010220      api-virt021SZFOX485LG_Guest         5Server    Guest           2008-12-19 13:02:06       2008-12-19 13:02:13
1000010227      api-virt5WzBGFOX7OBJM               5Server    Host            2008-12-19 14:38:19       2008-12-19 14:38:23
1000010228      api-virt5WzBGFOX7OBJM_Guest         5Server    Guest           2008-12-19 14:38:31       2008-12-19 14:38:33
1000010229      api-virt5WzBGFOX7OBJM_Guest         5Server    Guest           2008-12-19 14:38:35       2008-12-19 14:38:36

   Note that all virt guests are printed after each corresponding virt host.


- Ensures a virt host does not have more than 4 virt guests unless the host has 'virtualization_platform' as an entitlement.
    The following warning will be printed if it does have more than 4:

Virt Audit:
Alert: Virtual Host api-virt5WzBGFOX7OBJM (1000010227) has more than 4 guests, but does not have a 'virt host platform' entitlement
Alert: Virtual Host api-virtRjP8NFOX7NGTS (1000010221) has more than 4 guests, but does not have a 'virt host platform' entitlement
Virt Audit Completed


- Ensures that the satellite does not have more RHEL Servers or Clients than what subscriptions allow for. Guests are not included in this count, and 'last checkin' is NOT used to determine if the machine has checked in recently. 

	If the data is not suspect (by this script), the following will be printed:

Audit system counts:
There are 94 out of 100 rhel-server entitlements being used.
There are 0 out of 100 rhel-client entitlements being used.
Total Clients registered: 0
Total Servers registered: 93
System Count audit complete.


	If this is suspect, the following will also be printed (say for example, the above had 'Total servers registered' at 105):

ALERT: There are more Server systems registered than there are entitlements for.






