forked from archiver_config/sf_databuffer
67 lines
2.0 KiB
YAML
67 lines
2.0 KiB
YAML
- hosts: dispatcher_api_office
|
|
become: true
|
|
tasks:
|
|
- name: Install https certificate
|
|
template:
|
|
src: templates/elastic-stack-ca.pem
|
|
dest: /etc/pki/tls/certs/elastic-stack-ca.pem
|
|
|
|
- name: Install osquery
|
|
yum:
|
|
name: https://pkg.osquery.io/rpm/osquery-4.0.2-1.linux.x86_64.rpm
|
|
state: present
|
|
|
|
- name: Install heartbeat
|
|
yum:
|
|
name: https://artifacts.elastic.co/downloads/beats/heartbeat/heartbeat-7.3.2-x86_64.rpm
|
|
state: present
|
|
- name: Install heartbeat configuration
|
|
template:
|
|
src: templates/heartbeat.yml
|
|
dest: /etc/heartbeat/heartbeat.yml
|
|
- name: Install heartbeat monitors
|
|
template:
|
|
src: templates/reachable.icmp.yml
|
|
dest: /etc/heartbeat/monitors.d/reachable.icmp.yml
|
|
|
|
- name: Install metricbeat
|
|
yum:
|
|
name: https://artifacts.elastic.co/downloads/beats/metricbeat/metricbeat-7.3.2-x86_64.rpm
|
|
state: present
|
|
- name: Install metricbeat configuration
|
|
template:
|
|
src: templates/metricbeat.yml
|
|
dest: /etc/metricbeat/metricbeat.yml
|
|
- name: Install metricbeat system.yml configuration
|
|
template:
|
|
src: templates/system.yml
|
|
dest: /etc/metricbeat/modules.d/system.yml
|
|
|
|
- name: Install auditbeat
|
|
yum:
|
|
name: https://artifacts.elastic.co/downloads/beats/auditbeat/auditbeat-7.3.2-x86_64.rpm
|
|
state: present
|
|
- name: Install auditbeat configuration
|
|
template:
|
|
src: templates/auditbeat.yml
|
|
dest: /etc/auditbeat/auditbeat.yml
|
|
|
|
- name: Reload systemd unit files
|
|
systemd:
|
|
daemon_reload: yes
|
|
- name: Enable and start journalbeat
|
|
systemd:
|
|
enabled: yes
|
|
state: restarted
|
|
name: heartbeat-elastic
|
|
- name: Enable and start metricbeat
|
|
systemd:
|
|
enabled: yes
|
|
state: restarted
|
|
name: metricbeat
|
|
- name: Enable and start auditbeat
|
|
systemd:
|
|
enabled: yes
|
|
state: restarted
|
|
name: auditbeat
|