Elastic EDR Ansible
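---
# Task list: install Elasticsearch and Kibana 7.x from the Elastic apt
# repository, push local config files, set the built-in user passwords from an
# uploaded answer file, then start both services.
#
# Files expected next to this task list (not shown here): kibana.yml,
# elasticsearch.yml, elastic.pwd, options.

- name: Add required dependencies.
  apt:
    name:
      - apt-transport-https
      - gnupg2
    state: present

# NOTE(review): the signing key is trusted only because it arrives over HTTPS.
# apt_key accepts an `id:` parameter; pinning the expected fingerprint there
# (<ELASTIC_SIGNING_KEY_FINGERPRINT>, taken from a source you trust) makes the
# task fail if a different key is ever served. The underlying apt-key tool is
# deprecated on current Debian/Ubuntu; a per-repository keyring referenced with
# `signed-by=` is the longer-term replacement.
- name: Add Elasticsearch apt key.
  apt_key:
    url: https://artifacts.elastic.co/GPG-KEY-elasticsearch
    state: present

- name: Add Elasticsearch repository.
  apt_repository:
    repo: 'deb https://artifacts.elastic.co/packages/7.x/apt stable main'
    state: present
    update_cache: true

# NOTE(review): the Elasticsearch 7.x packages ship a bundled JDK; confirm this
# system-wide JRE is still needed before keeping the extra package to patch.
- name: Install java
  apt:
    name: openjdk-11-jre
    state: present

- name: Install elasticsearch
  apt:
    name: elasticsearch
    state: present

- name: Install kibana
  apt:
    name: kibana
    state: present

# kibana.yml carries the credentials Kibana uses to reach Elasticsearch (see
# the comment on the final task), so it must not be world-readable.
# Modes are quoted so they are always read as octal strings.
- name: copy kibana config
  copy:
    src: kibana.yml
    dest: /etc/kibana/kibana.yml
    owner: "root"
    group: "kibana"
    mode: '0660'

# NOTE(review): 300 seconds is 5 minutes, not the 3 minutes the task name says;
# confirm which value is intended.
# This edits the packaged unit file, which a package upgrade can overwrite; a
# drop-in under /etc/systemd/system/elasticsearch.service.d/ would survive.
- name: elasticsearch change start timeout to 3min
  lineinfile:
    path: /usr/lib/systemd/system/elasticsearch.service
    regexp: 'TimeoutStartSec='
    line: 'TimeoutStartSec=300'

# systemd only re-reads unit files on daemon-reload; do it explicitly so the
# new timeout is in effect before the service is started below.
- name: reload systemd unit files
  systemd:
    daemon_reload: true

- name: copy elasticsearch config
  copy:
    src: elasticsearch.yml
    dest: /etc/elasticsearch/elasticsearch.yml
    owner: "root"
    group: "elasticsearch"
    mode: '0660'

- name: enable elasticsearch
  service:
    name: elasticsearch
    enabled: true

- name: enable kibana
  service:
    name: kibana
    enabled: true

# Upload Passwords
# elastic.pwd holds the plaintext answers fed to elasticsearch-setup-passwords.
# Keep it out of version control in clear text (e.g. encrypt it with
# ansible-vault). The only reader visible in this task list is the root-run
# setup task, so the file is root-only; no_log keeps its content out of
# diff/verbose output.
- name: copy elastic.pwd
  copy:
    src: elastic.pwd
    dest: /etc/elasticsearch/elastic.pwd
    owner: "root"
    group: "elasticsearch"
    mode: '0600'
  no_log: true

# Add JVM options - Limit to 1 GB RAM
# Xms represents the initial size of total heap space
# Xmx represents the maximum size of total heap space
- name: add JVM options
  copy:
    src: options
    dest: /etc/elasticsearch/jvm.options.d/options
    owner: "root"
    group: "elasticsearch"
    mode: '0660'

# Now start the service
- name: start elasticsearch
  service:
    name: elasticsearch
    state: started

# Set Elastic and Kibana Passwords
# The answer file is redirected to stdin directly, so a missing file fails the
# task instead of feeding the tool an empty input. no_log keeps anything the
# tool prints out of the Ansible log; drop it temporarily when debugging.
# NOTE(review): this task has no guard against being run twice; a second run
# against a cluster whose passwords are already set is expected to fail.
- name: set elastic passwords
  become: yes
  shell: /usr/share/elasticsearch/bin/elasticsearch-setup-passwords interactive < /etc/elasticsearch/elastic.pwd
  no_log: true

# The plaintext answer file is not needed once the passwords are set.
- name: remove elastic.pwd
  file:
    path: /etc/elasticsearch/elastic.pwd
    state: absent

# Now restart the service
- name: restart elasticsearch
  service:
    name: elasticsearch
    state: restarted

# Then start Kibana service with the correct config (username:password)
- name: start kibana
  service:
    name: kibana
    state: started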