sa-secure-audit-lynis

Lynis is a security auditing tool for UNIX derivatives. Open source software, part of CISOfy's Lynis Enterprise product. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless.

Example of use: check box-example

Installation is done via git, thus version update is achieved by git pull

Simple:

     - {
         role: "sa-secure-audit-lynis"
       }

Advanced:

tool will try to install mailutils, if they are not installed. To gain more control over your system, I would recommend configure system for mail sending in advance, rather than rely on defaults. sa-postfix is one of the possible roles, included in box-example

     - {
         role: "sa-postfix",
         tags: ["create", "update"]
       }
     - {
         role: "sa-secure-audit-lynis",
         option_install_git: false,
         lynis_version: "2.4.0",
         lynis_user: lynis

       }

Using lynis:

sudo lynis audit system

Usage with ansible galaxy workflow

If you installed the sa-secure-audit-lynis role using the command

ansible galaxy install softasap.sa-secure-audit-lynis

the role will be available in the folder library\softasap.sa-secure-audit-lynis. Please adjust the path accordingly.

     - {
         role: "softasap.sa-secure-audit-lynis"
       }

Copyright and license

Code licensed under the BSD 3 clause or the MIT License.

Subscribe for roles updates at FB