Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/stone-payments/ansible-winlogbeat

An Ansible role to install and configure Winlogbeat
https://github.com/stone-payments/ansible-winlogbeat

ansible ansible-roles sec-squad-delivery sec-tribo-infraestrutura winlogbeat

Last synced: 30 days ago
JSON representation

An Ansible role to install and configure Winlogbeat

Host: GitHub
URL: https://github.com/stone-payments/ansible-winlogbeat
Owner: stone-payments
License: mit
Created: 2017-06-30T14:28:07.000Z (over 7 years ago)
Default Branch: master
Last Pushed: 2023-12-13T13:54:21.000Z (about 1 year ago)
Last Synced: 2024-11-12T00:17:00.592Z (2 months ago)
Topics: ansible, ansible-roles, sec-squad-delivery, sec-tribo-infraestrutura, winlogbeat
Language: Jinja
Homepage:
Size: 21.5 KB
Stars: 0
Watchers: 28
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
- Codeowners: .github/CODEOWNERS

Awesome Lists containing this project

README

# Stone Payments - Winlogbeat
This role installs and configures Winlogbeat service.

## Requirements
This roles needs to be run agains a Windows machine - of course - and requires the presence of [Chocolatey](https://chocolatey.org/).

## Role Variables
```yaml
winlogbeat_version: 6.2.4
winlogbeat_installation_path: C:\ProgramData\chocolatey\lib\winlogbeat\tools\winlogbeat-{{ winlogbeat_version }}-windows-x86_64\winlogbeat.yml
```

These vars are to be given on your playbook:

```yaml
winlogbeat_event_logs:
- name: Application
ignore_older: 72h
- name: Security
- name: System

winlogbeat_output_elaticsearch: false
winlogbeat_elaticsearch_hosts:
- "http://localhost:9200"

winlogbeat_output_beats: false
winlogbeat_beats_hosts:
- "127.0.0.1:5044"
```

Use the logstash ones to configure the output to logstash and the elasticsearch ones to output to elasticsearch.

## Example Playbook
Here is an example setting the output to logstash:

```yaml
- hosts: all
vars:
winlogbeat_version: 0.0.0
winlogbeat_output_logstash: true
winlogbeat_logstash_hosts:
- "localhost:5044"
roles:
- role: stone-payments.winlogbeat
```

Here is an example setting the output to elasticsearch:

```yaml
- hosts: all
vars:
winlogbeat_version: ''
winlogbeat_output_elaticsearch: false
winlogbeat_elaticsearch_hosts:
- "http://localhost:9200"
roles:
- role: stone-payments.winlogbeat
```

## Testing
This role implements unit tests with Molecul and Vagrant. Notice that we only support Molecule 2.0 or greater. You can install molecule with:

```shell
pip install molecule
```

After having Molecule setup, you can run the tests with:

```shell
molecule test
```

## Contributing
Just open a PR. We love PRs!

## License
MIT