Resource Surveillance State Database (RSSD)
Resource Surveillance State Database is a SQLite database generated by the Surveilr tool, which can be used independently to provide machine-attested evidence of compliance and security across various work products and disciplines within an organization. This helps overcome the limitations of human-based compliance verification processes.
Characteristics of an RSSD
- Independence: Once the RSSD is generated, it is no longer tied to surveilr and can be used by any other tool, service, or application, or ETL'd into a data warehouse, which makes it a versatile data source.
- Consumption: It can be consumed by any computing environment that supports SQLite, allowing it to be integrated into various systems and workflows.
- Evidence Collection: It is designed to collect machine attestation artifacts like code, test results, emails, issues/tickets, and wikis to prove that security, privacy, safety and regulatory compliance policies are being followed. This provides a more reliable and automated way to demonstrate compliance compared to relying on human attestation.
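Because an RSSD is an ordinary SQLite file, a consumer can check it without surveilr. The following is an added example, not part of the original page or the surveilr project: it opens the file read-only, records its SHA-256, runs SQLite's integrity check, and counts rows per table. The sample_evidence table and the helper names are constructed for the demonstration and are not the real RSSD schema.

```python
import hashlib
import sqlite3
import tempfile
from pathlib import Path


def inventory_rssd(path):
    """Inspect an RSSD read-only: file hash, integrity check, row count per table."""
    path = Path(path)
    digest = hashlib.sha256(path.read_bytes()).hexdigest()
    # mode=ro opens the evidence file read-only; a missing file raises instead
    # of being silently created as an empty database.
    con = sqlite3.connect(f"{path.resolve().as_uri()}?mode=ro", uri=True)
    try:
        integrity = con.execute("PRAGMA integrity_check").fetchone()[0]
        names = [r[0] for r in con.execute(
            "SELECT name FROM sqlite_master WHERE type = 'table' "
            "AND name NOT LIKE 'sqlite_%' ORDER BY name")]
        # Table names come from the database's own catalog; quote them anyway.
        tables = {}
        for n in names:
            quoted = '"' + n.replace('"', '""') + '"'
            tables[n] = con.execute(f"SELECT COUNT(*) FROM {quoted}").fetchone()[0]
    finally:
        con.close()
    return {"file": path.name, "sha256": digest, "integrity": integrity, "tables": tables}


def build_sample(path):
    """Constructed stand-in for an RSSD; the table and columns are made up."""
    con = sqlite3.connect(str(path))
    con.execute("CREATE TABLE sample_evidence (id INTEGER PRIMARY KEY, uri TEXT)")
    con.executemany("INSERT INTO sample_evidence (uri) VALUES (?)",
                    [("my-files/a.md",), ("my-files/b.md",)])
    con.commit()
    con.close()


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as d:
        db = Path(d) / "resource-surveillance.sqlite.db"
        build_sample(db)
        print(inventory_rssd(db))
```

Storing the hash next to the file at collection time lets a later consumer confirm the evidence database has not changed since it was generated.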
How to generate an RSSD
Generating an RSSD requires you to execute a surveilr ingest command, which can be either file ingestion or task ingestion. Suppose you have a folder named my-files located within your current working directory. You can ingest the files in this folder by navigating into the folder (cd) and executing this script:
An RSSD will be created inside my-files. If you prefer not to cd into my-files before performing file ingestion, there is a -r flag that allows you to specify my-files as the folder whose contents you wish to ingest without having to leave your root directory.
The outcome of executing the script above is a resource-surveillance.sqlite.db file (known as the resource surveillance state database, or RSSD) created in your root directory.
The database consists of several tables, which you can learn about here.
Configuring Unique Identifiers for RSSD Databases
surveilr uses a default SQLite database named resource-surveillance.sqlite.db for storing file system state data. However, in environments with multiple surveillance databases, it's beneficial to distinguish each RSSD by including unique identifiers in the filename, such as the hostname. This setup simplifies merging of databases. Unique identifiers can be configured for RSSD databases in two ways:
- Using an environment variable: During a terminal session, you can set a custom RSSD path as an environment variable. This path will serve as an identifier for the generated SQLite database during ingestion. Note that the environment variable will be cleared once the terminal session is closed.
- Argument Passing: When performing an ingestion, you need to set the RSSD's unique identifier by passing it as an argument with the -d flag, as shown below.