Created
March 24, 2022 01:09
-
-
Save z3ndrag0n/677dabaacd3b1001ee161693d1570a72 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
- name: Config Web VM filebeat | |
hosts: webservers | |
become: true | |
tasks: | |
- name: Download and install filebeat to the VM | |
apt: | |
deb: "https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-7.6.1-amd64.deb" | |
state: present | |
- name: Download filebeat to the web VM | |
copy: | |
src: /etc/ansible/files/filebeat-7.6.1-amd64.deb | |
dest: /tmp | |
- name: Copy filebeat package into the DVWA docker container | |
command: docker cp /tmp/filebeat-7.6.1-amd64.deb dvwa:/tmp | |
- name: install fileeat inside the container | |
command: docker exec -it dvwa apt install /tmp/filebeat-7.6.1-amd64.deb | |
- name: Copy filebeat config into docker container | |
command: docker cp /etc/filebeat/filebeat.yml dvwa:/etc/filebeat/filebeat.yml | |
- name: Enable the filebeat nginx module in the docker container | |
command: docker exec -it dvwa filebeat modules enable apache | |
- name: Setup the filebeat kibana dashboards | |
command: docker exec -it dvwa filebeat setup | |
- name: Start filebeat | |
command: docker exec -it dvwa service filebeat start | |
- name: Update setup.kibana in /etc/filebeat/filebeat.yml | |
replace: | |
path: /etc/filebeat/filebeat.yml | |
regexp: '(\s+)#host: "localhost:5601"(\s+.*)?$' | |
replace: '\1host: "10.2.0.4:5601"\2' | |
backup: yes | |
- name: Update output.elasticsearch in /etc/filebeat/filebeat.yml | |
replace: | |
path: /etc/filebeat/filebeat.yml | |
regexp: '(\s+)hosts: \["localhost:9200"\](\s+.*)?$' | |
replace: '\1hosts: ["10.2.0.4:9200"]\2' | |
backup: yes | |
- name: Enable the filebeat system module | |
command: filebeat modules enable system | |
args: | |
creates: /etc/filebeat/modules.d/system.yml | |
- name: Setup the filebeat kibana dashboards | |
command: filebeat setup | |
- name: Enable filebeat on boot and start it (using systemd) | |
systemd: | |
name: filebeat | |
state: started | |
enabled: yes |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment