Skip to content
/ ossec-agent Public

Ansible role that generates Ossec keys for both Windows and Linux. Manages install of software on both types of hosts.

galaxy.ansible.com

License

Apache-2.0 license
1 star 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

bouncingsoles/ossec-agent

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

26 Commits
files
files
 
 
handlers
handlers
 
 
meta
meta
 
 
tasks
tasks
 
 
templates
templates
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

ossec-agent

Used for install and automatic key generation of OSSEC clients. This role allows you to register hosts on Windows and Linux without having to enable auto-enroll or install any additional services.

  • Connects to the OSSEC server and uses a batch control script (included) to generate keys.
  • Uses the keys generated in the playbook to register the hosts for Windows and Linux.

Requirements

On the host you run the playbook, Ansible needs to be able to access your Ossec server to copy the script included in this role to the installation path of OSSEC. The file copied to generate the API keys is here. See project: https://github.com/ossec/ossec-hids/blob/master/contrib/ossec-batch-manager.pl

Role Variables

Please define the following variables in host_vars for your server.

WINDOWS HOST VARS:

  • ip_address
    • The IP address to use to register your host. You can use ansible defined variable or type it in.
  • ossec_url:
    • URL to obtain the OSSEC windows package to install
  • ossec_file:
    • Name of the file used in package above.
  • ossec_server:
    • The IP address of your OSSEC server, this will be added to the ossec conf template file.

LINUX HOST VARS:

  • ip_address
    • The IP address to use to register your host. You can use ansible defined variable or type it in.
  • ossec_server
    • The IP address of your OSSEC server, this will be added to the ossec conf template file.

EXTRA_VARS:

  • ossec_server_name:
    • Hostname of you ossec server. You can add this to the playbook like in the example below as vars.
    • Tasks are delegated to it so make sure ansible can control this host as well to generate your API keys for OSSEC.

Example host_vars file:

#Windows hosts vars to define
ip_address: "{{ ansible_ip_addresses.0 }}"
ossec_url: 'https://updates.atomicorp.com/channels/atomic/windows/ossec-agent-win32-2.9.0-1738.exe'
ossec_file: 'ossec-agent-win32-2.9.0-1738.exe'
ossec_server: 'X.X.X.X'

#Linux host vars to define
ip_address: "{{ ansible_all_ipv4_addresses.0 }}"
ossec_server: 'X.X.X.X'

Dependencies

  • A working OSSEC server running Linux that can be controlled by your host running Ansible.

Example Playbook

- name: OSSEC agent install.
  hosts: xx-xx-server
  roles:
     - bouncingsoles.ossec-agent
  vars:
  #Your OSSEC server, tasks to create keys will be delegate_to it.
    ossec_server_name: ossec-servername-01

License

BSD

Author Information

Patrick Durante

About

Ansible role that generates Ossec keys for both Windows and Linux. Manages install of software on both types of hosts.

galaxy.ansible.com

Resources

Readme

License

Apache-2.0 license
Activity

Stars

1 star

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages