Giter Club home page Giter Club logo

ansible-ossec-server's Introduction

Hi there ๐Ÿ‘‹

I am a nerd and likes to automate things to make my life easier. Mostly specific to Ansible, Zabbix and Kubernetes, but there are a lot of interesting technologies out there!

If you like my work and/or need some help, please take a look at my sponsor page, Patreon or buy me a coffee.

Anurag's github stats

Zabbix
Ansible coummunity.zabbix zabbix-agent zabbix-server zabbix-proxy zabbix-web zabbix-javagateway
Puppet voxpopuli-zabbix
Kubernetes/HELM helm-zabbix
Ossec Personal
Ansible ossec-server ossec-agent dj-wasabi-release pre-commit-hooks

ansible-ossec-server's People

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar avatar

Forkers

andskli proitconsult recunius 4armed juju4 jjediny aarnaud acromedia securityshift vvgelder elrondvega sigio awold-dcca skyscooby tassosb adampielak ltrowley83 rhythmictech bartzjegr prawalsaxena vestainnovations cybertrust1 jchen1 rsanzante

ansible-ossec-server's Issues

Define a variable for atomicorp repo version

Hello,

Today I installed this role from ansible galaxy and it failed because atomic-release-1.0-19 is no longer available on www.atomicorp.com site.

- name: RedHat | Install atomicorp repo
  yum: name=https://www.atomicorp.com/channels/atomic/centos/{{ansible_distribution_major_version}}/x86_64/RPMS/atomic-release-1.0-19.el{{ansible_distribution_major_version}}.art.noarch.rpm state=present

The master on git repo has been updated to atomic-release-1.0-21.

What do you think about addiing a role variable for this version?

Issue with syslog_outputs

In this section (tasks/main.yml):

- name: Enable client-syslog if not running and ossec_server_config.syslog_outputs is given
  command: /var/ossec/bin/ossec-control enable client-syslog
  when: csyslog_running.stdout == '0' and ossec_server_config.syslog_outputs is defined

- name: Start client-syslog if not running and ossec_server_config.syslog_outputs is given
  command: /var/ossec/bin/ossec-control start client-syslog
  when: csyslog_running.stdout == '0' and ossec_server_config.syslog_outputs is defined

- name: Set ossec deploy facts for Debian
  set_fact:
    ossec_server_config_filename: ossec.conf
    ossec_init_name: ossec
  when: ansible_os_family == "Debian"

- name: Configure the ossec-server
  template: src=var-ossec-etc-ossec-server.conf.j2
            dest=/var/ossec/etc/{{ ossec_server_config_filename }}
            owner=root
            group=root
            mode=0644
  notify: restart ossec-server
  tags:
    - init
    - config

When using syslogs_outputs, I'd get an error with trying to start client syslog before the configurations were installed.
I resolved by moving the calls to ossec-control to after installation of the configuration file.

- name: Set ossec deploy facts for Debian
  set_fact:
    ossec_server_config_filename: ossec.conf
    ossec_init_name: ossec
  when: ansible_os_family == "Debian"

- name: Configure the ossec-server
  template: src=var-ossec-etc-ossec-server.conf.j2
            dest=/var/ossec/etc/{{ ossec_server_config_filename }}
            owner=root
            group=root
            mode=0644
  notify: restart ossec-server
  tags:
    - init
    - config

- name: Enable client-syslog if not running and ossec_server_config.syslog_outputs is given
  command: /var/ossec/bin/ossec-control enable client-syslog
  when: csyslog_running.stdout == '0' and ossec_server_config.syslog_outputs is defined

- name: Start client-syslog if not running and ossec_server_config.syslog_outputs is given
  command: /var/ossec/bin/ossec-control start client-syslog
  when: csyslog_running.stdout == '0' and ossec_server_config.syslog_outputs is defined

The `restart ossec-server` handler fails when using the `rules` tag

Description
When trying to update my custom rules using a tag (instead of running the whole role), I get the following error:

$ ansible-playbook ossec-masters.yml --tags rules

PLAY [ossec-masters] *********************************************************

TASK [dj-wasabi.ossec-server : Installing custom local_rules.xml] ************
changed: [server.example.com]

TASK [dj-wasabi.ossec-server : Installing the local_rules.xml (default local_rules.xml)] 
skipping: [server.example.com]

RUNNING HANDLER [dj-wasabi.ossec-server : restart ossec-server] **************
fatal: [server.example.com]: FAILED! => {"failed": true, "msg": "The task includes an option with an undefined variable. The error was: 'ossec_init_name' is undefined\n\nThe error appears to have been in '/path/to/roles/dj-wasabi.ossec-server/handlers/main.yml': line 4, column 3, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n\n- name: restart ossec-server\n  ^ here\n"}

PLAY RECAP ******************************************************************
server.example.com         : ok=2    changed=1    unreachable=0    failed=1

Installation method/version

  • Github / latest

Ansible Version

  • Ansible: 2.5.0
  • Python: 2.7.12

Targetted hosts

  • RHEL 6

Expected behavior
The rules tag should be able to be used by itself.

Additional context
It looks like the problem is just that the variable name from the error message isn't hit when the rules tag is used, since the set_fact tasks don't share the same tag.

The ansible-ossec-agent role seems to share the same problem.

In any case, I've fixed this on my local, so I will submit a PR.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.