Ensuring Approved Packages Are Installed Across System Profiles Using the Drift Service

Red Hat Insights 2021

How to validate that approved packages are installed across system profiles and generate reports

Red Hat Customer Content Services

Abstract

This workflow example demonstrates how to validate that approved RPM packages are installed across system profiles and generate CSV reports for analysis.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. We are beginning with these four terms: master, slave, blacklist, and whitelist. Because of the enormity of this endeavor, these changes will be implemented gradually over several upcoming releases. For more details, see our CTO Chris Wright’s message.

Providing feedback on Red Hat Hybrid Cloud Console documentation

We appreciate your input on our documentation. Please let us know how we could make it better. To do so, create a Bugzilla ticket:

  1. Go to the Bugzilla website.
  2. As the Component, use Documentation.
  3. Fill in the Description field with your suggestion for improvement. Include a link to the relevant part(s) of documentation.
  4. Click Submit Bug.

Chapter 1. Overview

As an IT operator, use Insights for Red Hat Enterprise Linux to ensure approved security tools and RPM packages are installed on each system:

  1. Access the drift service.
  2. Add systems manually within the drift service.
  3. Filter system configuration data by installed packages.
  4. Export the filtered data to a CSV file for analysis.

Chapter 2. Accessing the drift service

The drift service is part of Insights for Red Hat Enterprise Linux. Access this service via Red Hat Hybrid Cloud Console.

Procedure

  1. Navigate to the Red Hat Enterprise Linux > Drift > Comparison page where the Comparison screen opens.

    img drift comparison screen

  2. Cick Add to comparison. The Add to comparison screen opens, where you can add systems or baselines to compare.

    img drift add to comparison screen

    • On the Systems tab, you can add any systems you want to compare. This screen also lists any baselines that already exist in your Insights for RHEL inventory.
    • On the Baselines tab, you can create baselines. This screen also lists any baselines that already exist in your inventory.

      img drift baselines screen

  3. Click Submit to add your systems or baselines for comparison.

Once you add them, you can start comparing the facts of systems and baselines in your Insights for RHEL inventory.

Chapter 3. Adding systems manually to comparisons

Within the drift service, you can add systems registered in your Insights for RHEL inventory.

Procedure

  1. Navigate to the Red Hat Enterprise Linux > Drift > Comparison page where the Comparison screen opens.
  2. Click Add to comparison.
  3. Select the systems to compare from the list. Alternatively, enter the system name in the search box to find by name, and then select the system.
  4. Click Submit.
Note
  • At any time, you can add more systems by clicking the Add to comparison button near the top of the Comparison screen.
  • Similarly, you can remove a particular system under comparison by clicking the X symbol on the upper-right corner of the individual system name.
  • You can remove all systems under comparison by clicking the options menu ( img drift options menu ) located at the top.
  • Click Clear all comparisons to start again.

Chapter 4. Filtering system facts by installed packages

To filter the system facts by installed packages:

  1. Enter the required package name in the search box at the top, or enter installed_packages to view the list of all packages installed.
  2. In the View drop-down list, ensure you are viewing the result for all comparison states, by selecting the check boxes for Same, Different, and Incomplete data.

For all installed packages, the Insights for RHEL service lists installed packages and their versions, indicating whether they are the same, or different, and where information is missing across systems.

Facts are filtered by installed RPM packages for which you can see a subset of the list. Note that for package `deltarpm` there is no difference in its version between the two systems. However, packages `rpm`, `rpm-build-libs`, `rpm-libs`, and `rpm-python` show differences. Also, data is missing for some of the other packages. This is a discrepancy as systems were not consistently upgraded with approved packages.

Chapter 5. Exporting system comparison output

You can export a comma-separated-values (CSV) file of the system profiles you previously filtered. The report captures, by installed packages, where RPM versions are the same, different, and where information is missing.

Note

The exported CSV report preserves all your current selections on the system comparison output, including any filters applied. That is, it follows the WYSIWYG (What You See Is What You Get) paradigm. Therefore, you may need to expand any nested fact categories (installed_packages, for example) to be exported in the report.

Procedure

  1. At the top of the system comparison output screen for two or more systems, click the Export to CSV button img drift export as csv icon .
  2. Click Export to CSV.

Save the CSV file to the location of your choice so that you can analyze discrepancies in installed RPM packages.

Legal Notice

Copyright © 2021 Red Hat, Inc.
The text of and illustrations in this document are licensed by Red Hat under a Creative Commons Attribution–Share Alike 3.0 Unported license ("CC-BY-SA"). An explanation of CC-BY-SA is available at http://creativecommons.org/licenses/by-sa/3.0/. In accordance with CC-BY-SA, if you distribute this document or an adaptation of it, you must provide the URL for the original version.
Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law.
Red Hat, Red Hat Enterprise Linux, the Shadowman logo, the Red Hat logo, JBoss, OpenShift, Fedora, the Infinity logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries.
Linux® is the registered trademark of Linus Torvalds in the United States and other countries.
Java® is a registered trademark of Oracle and/or its affiliates.
XFS® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries.
MySQL® is a registered trademark of MySQL AB in the United States, the European Union and other countries.
Node.js® is an official trademark of Joyent. Red Hat is not formally related to or endorsed by the official Joyent Node.js open source or commercial project.
The OpenStack® Word Mark and OpenStack logo are either registered trademarks/service marks or trademarks/service marks of the OpenStack Foundation, in the United States and other countries and are used with the OpenStack Foundation's permission. We are not affiliated with, endorsed or sponsored by the OpenStack Foundation, or the OpenStack community.
All other trademarks are the property of their respective owners.