Alternatives to auditing

The Puppet audit feature essentially works by creating a baseline of a resource. It then checks on each run that the resource has not changed from that baseline.

Using the tools Puppet provides us, we can manually build a baseline and have Puppet run against it. This will allow us to accomplish the same goal as auditing.

We can then apply the baseline we create either to ensure that the resource stays in the baseline state or to detect that it has left that state without changing it back.

We do this using the Puppet resource face to give us information on the resource in question. A face is what Puppet calls the mechanism to extend its command-line objects.

We call the Puppet face with the Puppet resource command. Go ahead and request for ...
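The following is an added example, not code from the book: it takes the declaration that `puppet resource file` prints and turns it into a baseline manifest that either only reports drift or enforces the recorded state. The target path `/etc/ssh/sshd_config`, the sample output (hash and timestamps are constructed) and the file name `baseline.pp` are assumptions for illustration.

```shell
#!/bin/sh
# Added example: build a monitor-only or enforcing baseline from
# `puppet resource file <path>` output.

# Constructed sample of what `puppet resource file /etc/ssh/sshd_config`
# prints; the checksum and timestamps are made up for illustration.
sample_baseline() {
cat <<'EOF'
file { '/etc/ssh/sshd_config':
  ensure  => 'file',
  content => '{md5}0123456789abcdef0123456789abcdef',
  ctime   => '2015-01-10 09:12:44 +0000',
  group   => '0',
  mode    => '0600',
  mtime   => '2015-01-10 09:12:44 +0000',
  owner   => '0',
  type    => 'file',
}
EOF
}

# Read a resource declaration on stdin and write a manifest that only
# reports drift from the baseline:
# - ctime, mtime and type are read-only on the file type and cannot be
#   managed, so they are dropped
# - noop => true makes Puppet log the difference instead of reverting it
baseline_to_monitor() {
  awk '
    /^[ \t]*(ctime|mtime|type)[ \t]*=>/ { next }
    /^[}][ \t]*$/ { print "  noop    => true,"; print; next }
    { print }
  '
}

# Same clean-up without noop: Puppet puts the resource back into the
# baseline state whenever it drifts.
baseline_to_enforce() {
  awk '!/^[ \t]*(ctime|mtime|type)[ \t]*=>/'
}

# On a host with Puppet installed (baseline.pp is a hypothetical name):
#   puppet resource file /etc/ssh/sshd_config | baseline_to_monitor > baseline.pp
#   puppet apply baseline.pp
sample_baseline | baseline_to_monitor
```

Keep the generated manifest somewhere the monitored host cannot modify, since a baseline that can be rewritten alongside the file it describes no longer detects anything.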
