ossec-agent
ossec-agent
Used for install and automatic key generation of OSSEC clients. This role allows you to register hosts on Windows and Linux without having to enable auto-enroll or install any additional services.
- Connects to the OSSEC server and uses a batch control script (included) to generate keys.
- Uses the keys generated in the playbook to register the hosts for Windows and Linux.
Requirements
On the host you run the playbook, Ansible needs to be able to access your Ossec server to copy the script included in this role to the installation path of OSSEC. The file copied to generate the API keys is here. See project: https://github.com/ossec/ossec-hids/blob/master/contrib/ossec-batch-manager.pl
Role Variables
Please define the following variables in host_vars for your server.
WINDOWS HOST VARS:
- ip_address
- The IP address to use to register your host. You can use ansible defined variable or type it in.
- ossec_url:
- URL to obtain the OSSEC windows package to install
- ossec_file:
- Name of the file used in package above.
- ossec_server:
- The IP address of your OSSEC server, this will be added to the ossec conf template file.
LINUX HOST VARS:
- ip_address
- The IP address to use to register your host. You can use ansible defined variable or type it in.
- ossec_server
- The IP address of your OSSEC server, this will be added to the ossec conf template file.
EXTRA_VARS:
- ossec_server_name:
- Hostname of you ossec server. You can add this to the playbook like in the example below as vars.
- Tasks are delegated to it so make sure ansible can control this host as well to generate your API keys for OSSEC.
Example host_vars file:
#Windows hosts vars to define
ip_address: "{{ ansible_ip_addresses.0 }}"
ossec_url: 'https://updates.atomicorp.com/channels/atomic/windows/ossec-agent-win32-2.9.0-1738.exe'
ossec_file: 'ossec-agent-win32-2.9.0-1738.exe'
ossec_server: 'X.X.X.X'
#Linux host vars to define
ip_address: "{{ ansible_all_ipv4_addresses.0 }}"
ossec_server: 'X.X.X.X'
Dependencies
- A working OSSEC server running Linux that can be controlled by your host running Ansible.
Example Playbook
- name: OSSEC agent install.
hosts: xx-xx-server
roles:
- bouncingsoles.ossec-agent
vars:
#Your OSSEC server, tasks to create keys will be delegate_to it.
ossec_server_name: ossec-servername-01
License
BSD
Author Information
Patrick Durante
About
Generates Ossec keys for both Windows and Linux. Manages install of software on both types of hosts.
Install
ansible-galaxy install bouncingsoles/ossec-agent
License
apache-2.0
Downloads
58
Owner
Network/System Admin | Dev-Ops | Runner | Pro-Nerd | Car Enthusiast