Skip to content

stone-payments/ansible-winlogbeat

Repository files navigation

Stone Payments - Winlogbeat

This role installs and configures Winlogbeat service.

Requirements

This roles needs to be run agains a Windows machine - of course - and requires the presence of Chocolatey.

Role Variables

winlogbeat_version: 6.2.4
winlogbeat_installation_path: C:\ProgramData\chocolatey\lib\winlogbeat\tools\winlogbeat-{{ winlogbeat_version }}-windows-x86_64\winlogbeat.yml

These vars are to be given on your playbook:

winlogbeat_event_logs:
  - name: Application
    ignore_older: 72h
  - name: Security
  - name: System

winlogbeat_output_elaticsearch: false
winlogbeat_elaticsearch_hosts:
  - "http://localhost:9200"

winlogbeat_output_beats: false
winlogbeat_beats_hosts:
  - "127.0.0.1:5044"

Use the logstash ones to configure the output to logstash and the elasticsearch ones to output to elasticsearch.

Example Playbook

Here is an example setting the output to logstash:

- hosts: all
  vars:
    winlogbeat_version: 0.0.0
    winlogbeat_output_logstash: true
    winlogbeat_logstash_hosts:
      - "localhost:5044"
  roles:
    - role: stone-payments.winlogbeat

Here is an example setting the output to elasticsearch:

- hosts: all
  vars:
    winlogbeat_version: ''
    winlogbeat_output_elaticsearch: false
    winlogbeat_elaticsearch_hosts:
      - "http://localhost:9200"
  roles:
    - role: stone-payments.winlogbeat

Testing

This role implements unit tests with Molecul and Vagrant. Notice that we only support Molecule 2.0 or greater. You can install molecule with:

pip install molecule

After having Molecule setup, you can run the tests with:

molecule test

Contributing

Just open a PR. We love PRs!

License

MIT