Runecast Analyzer 6 with Configuration Vault, Remediation and Log4j vulnerability scanning [sponsored]
![Runecast Analyzer 6 with Configuration Vault, Remediation and Log4j vulnerability scanning [sponsored]](https://i0.wp.com/www.jeffreykusters.nl/wp-content/uploads/2021/12/RA6.png?fit=804%2C245&ssl=1)
Runecast recently released Runecast Analyzer 6. In this blogpost I would like to cover three key features included in this release:
- Configuration Vault
- Remediation
- OS Level Analysis (with Log4j vulnerability scanning)
Configuration Vault
Configuration Vault is a great new feature in Runecast Analyzer (first introduced in version 5.1) that captures the configuration of most of your VMware estate and stores it with a timestamp in its database. This allows you to compare different point in time configuration captures and quickly detect and remediate drift. I think this is a perfect solution for preventing configuration drift in an imperative environment. Let’s go over a short example:
I have a Distributed Port Group configured with VLAN ID 20:

Lets’s say someone on the team accidentally changed this to VLAN ID 21. Things obviously break and other team members are unaware of this change. All they need to do is hop over to Configuration Vault and ‘Check for historical drift’ to see there is 1 configuration item changed:

Drilling down on that change reveals the faulty configuration change of the VLAN ID:

Super simple but oh so super powerful! Where was Runecast Analyzer when I was doing VI Admin work?
Remediation
Runecast Analyzer has always been great in reporting issues in your environment. With the introduction of Remediation, it now also provides a way of implementing the necessary remediation steps for a lot of the issues it reports on. The issues that can be remediated by Runecast Analyzer or marked with a small white “R” in a blue box. By clicking on the issue you will be presented with a detailed description and a “Remediate” button:

After selecting the objects you want to remediate, you are presented with the option of providing the required configuration (in this example the proper input for the NTP server). Runecast Analyzer then generates remediation scripts for PowerCLI or Ansible that you can run on the affected systems:

OS Level Analysis (with Log4j vulnerability scanning)
Runecast Analyzer 6 also supports agent based OS Level Analysis for Windows and Linux systems. You need to setup the connection first in Settings, Connections, Operating Systems connection settings:

Next up is getting the OS agent installation packages and incorporating them in your software delivery pipeline. For this example, I manually installed the Windows agent on a Windows Server OS using the provided PowerShell script:

With the agent installed, we just need to wait for it to connect to Runecast Analyzer before we can run an OS level analysis:

After running the OS level analysis I now receive issues for my Windows Server, including Log4j vulnerabilities where applicable:

Conclusion
I love how Runecast keeps finding areas where they can improve an already very complete product. Configuration Vault is so easy from a conceptual standpoint that I now even wonder why such a feature has never existed in vCenter Server before. Remediation is a welcome addition and will make the work of VI Admins much easier. Great work Runecast!