Audit on other resource types

While a file is the most common resource that can be audited, any resource can be audited. This even includes custom types. Additionally, even classes and defines can be audited; however, the mechanism is a bit different. In the case of defines and classes, the meta-parameter is inherited by all of the resources contained in that class or define, but not in any that are included inside it.

The basic mechanism of the audit parameter works in the same way as it does in the file case. You need to specify a list of attributes to monitor and Puppet will persist their state. If the state changes between runs, then it will trigger an audit alert. An example of auditing just the owner and mtime (modified time) attributes of ...
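The non-file and define cases described above, as an added example that is not taken from the book. The resource titles, paths, and the names `example_watched_config` and `example_ssh_banner` are hypothetical.

```puppet
# Added illustration: all titles, paths and names below are hypothetical.

# Audit a non-file resource: Puppet records the uid and shell of the
# account on each run and raises an audit alert if either changes.
user { 'root':
  audit => ['uid', 'shell'],
}

# Hypothetical class that the define below pulls in with include.
class example_ssh_banner {
  file { '/etc/issue.net':
    ensure => file,
  }
}

# Hypothetical define that contains two file resources directly.
define example_watched_config {
  file { "/etc/${title}.conf":
    ensure => file,
  }

  file { "/etc/${title}.d":
    ensure => directory,
  }

  # Included, not contained: per the text above, resources in this class
  # do not inherit the audit meta-parameter set on the define.
  include example_ssh_banner
}

# audit is set once on the declaration of the define. Both file resources
# declared directly inside it inherit the list of attributes to monitor;
# /etc/issue.net in the included class does not.
example_watched_config { 'sshd_example':
  audit => ['owner', 'group', 'mode'],
}
```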
