Commit ebe13570 authored by nimrod's avatar nimrod
Browse files

Beats on the OpenBSD router.

parent 0c1eb77e

roles/router/files/filebeat.yml

0 → 100644
+27 −0
Original line number Diff line number Diff line 
---

output.elasticsearch:

  hosts:

    - https://elasticsearch.shore.co.il:443



logging:

  level: warning

  json: true

  to_syslog: true

  metrics.enabled: false



processors:

  - add_host_metadata: ~



filebeat:

  inputs:

    - type: log

      enabled: true

      paths:

        - /var/log/*.log

        - /var/log/authlog

        - /var/log/daemon



  config.modules:

    path: ${path.config}/modules.d/*.yml

    reload:

      enabled: false

roles/router/files/metricbeat.yml

0 → 100644
+33 −0
Original line number Diff line number Diff line 
---

output.elasticsearch:

  hosts:

    - https://elasticsearch.shore.co.il:443



logging:

  level: warning

  json: true

  to_syslog: true

  metrics.enabled: false



#processors:

#  - add_host_metadata: ~



metricbeat.config.modules:

  path: ${path.config}/modules.d/*.yml

  reload.enabled: false



metricbeat.modules:

  - module: system

    metricsets:

      - cpu

      - load

      - memory

      #- network

      #- process

      #- process_summary

      - uptime

      - socket_summary

      #- diskio

      - filesystem

      - fsstat

      #- service

roles/router/files/packetbeat.yml

0 → 100644
+34 −0
Original line number Diff line number Diff line 
---

output.elasticsearch:

  hosts:

    - https://elasticsearch.shore.co.il:443



logging:

  level: warning

  json: true

  to_syslog: true

  metrics.enabled: false



#processors:

#  - add_host_metadata: ~



packetbeat:

  interfaces.device: em1

  protocols:

    - type: icmp

      enabled: true

    - type: dns

      enabled: true

    - type: http

      enabled: true

      ports:

        - 80

    - type: tls

      enabled: true

      ports:

        - 443

    #- type: dhcp

    #  enabled: true

    #  ports:

    #    - 67

    #    - 68

roles/router/handlers/main.yaml

+15 −0
Original line number Diff line number Diff line
@@ -75,3 +75,18 @@ 
  service:

    name: sshd

    state: restarted



- name: Restart the filebeat daemon

  service:

    name: filebeat

    state: restarted



- name: Restart the metricbeat daemon

  service:

    name: metricbeat

    state: restarted



- name: Restart the packetbeat daemon

  service:

    name: packetbeat

    state: restarted

roles/router/tasks/main.yaml

+36 −0
Original line number Diff line number Diff line
@@ -491,3 +491,39 @@ 
  tags:

    - cron

    - mail



- name: Install beats

  loop: &beats

    - filebeat

    - metricbeat

    - packetbeat

  community.general.openbsd_pkg:

    name: '{{ item }}'

    state: present

  tags:

    - packages

    - beats



- name: Configure beats

  loop: *beats

  ansible.builtin.copy:

    backup: true

    dest: '/etc/{{ item }}/{{ item }}.yml'

    group: wheel

    mode: 0o0644

    owner: root

    src: '{{ item }}.yml'

    validate: '{{ item }} test config -c %s'

  notify:

    - Restart the {{ item }} daemon

  tags:

    - beats



- name: Enable beats

  loop: *beats

  service:

    enabled: true

    name: '{{ item }}'

    state: started

  tags:

    - beats