the DevOpsDaysRox (Rockies) release

New Features

• Added several queries for installed packages
• Incorporate severities into best practice score calculations.
• Added <a href=https://trello.com/c/9NxqFAGG"">OUIs to some MAC queries
• Added DNS/hosts names to some IP queries
• Added a query for MAC addresses without OUIs
• Added a query for IP addresses without DNS/hosts names
• Collect file ownership, permissions for system files
• Added security rules for password, group and shadow file permissions.
• Added an /etc/sudoers best practice rule
• Added security notifications to our sample email tool.
• Added capability to make python queries be usable the same way as pure Cypher queries.
• Moved test infrastructure from Testify to py.test

Bug Fixes

• assimcli loadqueries accepted bad JSON
• Neo4j OCF monitoring agent now works with Neo4j database with authentication enabled.
• fixed "Unterminated quoted string" in installme installer
• fixed the numbering of a NIST/DISA best practice.
• worked around a bug in pip list where it throws an exception and causes all package discovery to get hosed (bad JSON). It now deals with the fact that pip might throw an exception, and salvages everything it can.

Caveats

• a few options were shuffled for assimcli query score reporting queries.
• Not compatible with database formats before 1.1.0
• No alerting, or interface to existing alerting beyond a sample email script. (hooks to build your own interface are included)
• high availability option for the CMA is roll-your-own using Pacemaker or similar
• queries could benefit from more indexes for larger installations.
• The CMA will suffer performance problems when discovering IP addresses when large numbers of nanoprobes are on a subnet.
• no GUI
• Our current process only allows us to create 64-bit binaries. Feel free to build 32-bit binaries yourself. They still work for Ubuntu, and Debian, SuSE and 7.0 and later versions of CentOS.