https://github.com/nvisosecurity/ansible-auditbeat
Ansible role for auditbeat install
https://github.com/nvisosecurity/ansible-auditbeat
Last synced: over 1 year ago
JSON representation
Ansible role for auditbeat install
- Host: GitHub
- URL: https://github.com/nvisosecurity/ansible-auditbeat
- Owner: NVISOsecurity
- License: mit
- Created: 2019-07-17T13:43:16.000Z (almost 7 years ago)
- Default Branch: master
- Last Pushed: 2019-09-05T13:27:52.000Z (almost 7 years ago)
- Last Synced: 2025-01-28T05:43:18.794Z (over 1 year ago)
- Homepage:
- Size: 9.77 KB
- Stars: 7
- Watchers: 2
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# ansible-auditbeat
An Ansible role for installing and configuring AuditBeat
## Sysmon Configuration
The role applies an [AuditD ruleset](https://github.com/bfuzzy/auditd-attack) based on the MITRE Att&ck framework.
## OS Platforms
This role has been tested on the following operating systems:
- Ubuntu 18.04
## Usage
To use this role in your playbook, add the code below:
```
- name: Install AuditBeat
import_role:
name: ansible-auditbeat
```
## Disclaimer
This role is meant for use in the SANS 699 course and is provided as is.
## License
[MIT](LICENSE)