Chris Gondolin Samhain

Learn about configurations >

• application_name | string

  Default: samhain

  Operating name of the charm

• attributes_dirs | string

  Directories for which we care about only permission and ownership changes

• attributes_files | string

  Default: /etc/mtab /etc/resolv.conf /etc/localtime /etc/adjtime /etc/network/run/ifstate /etc/ld.so.cache

  Files for which we care about only permission and ownership changes

• enable_apt_check | string

  Default: no

  Once enabled, this will prevent apt from installing new packages if samhain thinks the system is unclean. It starts disabled to avoid problems during initial Juju installs. Note: Enabling this option is a one-way process

• event_severity | string

  Default: SeverityReadOnly=crit SeverityLogFiles=crit SeverityGrowingLogs=warn SeverityIgnoreNone=crit SeverityAttributes=crit

  Set policy violation severity levels

• growing_logfiles | string

  Default: /var/log/wtmp /var/log/faillog /var/log/auth.log /var/log/daemon.log /var/log/kern.log /var/log/syslog

  Files for which we ignore changes in signature, timestamps and increases in size

• ignore_added | string

  Default: /etc/samba/dhcp\.conf(\.new)?$

  Suppress messages about the creation of files matching these regexes

• ignore_all_dirs | string

  Dirs that can change freely

• ignore_all_files | string

  Default: /etc/nologin /etc/network/run

  Files that can change freely

• ignore_missing | string

  Default: /etc/samba/dhcp\.conf(\.new)?$

  Suppress messages about the absense of files matching these regexes

• ignore_modified | string

  Suppress messages about the absense of files matching these regexes

• ignore_none_dirs | string

  Any change to these directories (even just being accessed) is reported

• ignore_none_files | string

  Any change to these files (even just being accessed) is reported

• logfiles | string

  Default: /var/run/utmp

  Files for which changes in signature, timestamps, and size are ignored

• logging | string

  Default: MailSeverity=crit PrintSeverity=none LogSeverity=info SyslogSeverity=alert

  Set threshold severity for log facilities

• mail_recipient | string

  Default: root@localhost

  Who receives any email

• nagios_check_frequency | int

  Default: 30

  How often to perform a policy check (in minutes)

• nagios_context | string

  Default: juju

  Used by the nrpe subordinate charms. A string that will be prepended to instance name to set the host name in nagios. So for instance the hostname would be something like: juju-myservice-0 If you're running multiple environments with the same services in them this allows you to differentiate between them.

• nagios_crit_level | int

  Default: 5

  Critical alarm if the number of policy violations exceed this value

• nagios_servicegroups | string

  A comma-separated list of nagios servicegroups. If left empty, the nagios_context will be used as the servicegroup

• nagios_warn_level | int

  Warn if the number of policy violations exceed this value

• prelink_dirs | string

  Directories holding prelinked files

• prelink_files | string

  A list of prelinked files

• read_only_dirs | string

  Default: /usr/bin /bin /boot 3/sbin /usr/sbin /lib 3/etc

  Directories for which only access time is ignored

• read_only_files | string

  Default: /usr/lib/pt_chown

  Files for which only access time is ignored

• script_dir | string

  Default: /usr/local/sbin

  Directory where we will store any related scripts