Ansible: Linux

Atomic OSSEC includes playbooks to facilitate remote installations of a target system from the hub server using Ansible.

Requirements

• SSH access to the target system

• Root or Sudo permissions on both the Hub and target system

• ansible

Variables Parameters

Additional environmental variables can be passed to the installer to handle alternate configurations

SERVER_IP (Required) Declares the IP of the Hub server/Load balancer

AUTH_IP (Required) IP of the registration server (default: SERVER_IP)

PROTOCOL (Required) tcp or udp (default: tcp)

PORT (Required) Port for agent communication (default: 1514)

GROUP (Required) Group to assign the agent (default: default)

Note

AUTH_IP is used for cluster configurations, for a single host this is the same IP as the SERVER_IP

Step 1: Log into the system, and change to the ansible directory

cd /etc/ansible/atomicorp

Step 2: Update/Create hosts.yml inventory

vim hosts.yaml

Note

/etc/ansible/atomicorp/hosts.yml.template is provided as a reference for creating an ansible inventory

Step 3: Run the playbook with the SERVER_IP, AUTH_IP, GROUP, PORT and PROTOCOL values

ansible-playbook linux-agent-installer.yml  -i hosts.yml  --extra-vars="SERVER_IP=192.168.100.254 PROTOCOL=tcp PORT=9091 AUTH_IP=192.168.100.254 GROUP=default"