You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
110 lines
3.6 KiB
110 lines
3.6 KiB
---
|
|
- name: "Retrieve PID 1 process information (Linux)"
|
|
command: "ps 1"
|
|
register: pid1
|
|
when: ansible_system is match("Linux")
|
|
|
|
- name: "Retrieve Splunk version"
|
|
command: "{{ splunk_exec }} version --accept-license --answer-yes --no-prompt"
|
|
register: installed_splunk_version
|
|
when: ansible_system is match("Linux")
|
|
become: yes
|
|
become_user: "{{ splunk_user }}"
|
|
|
|
- name: "Set installed version fact"
|
|
set_fact:
|
|
installed_splunk_version: "{{ installed_splunk_version.stdout | regex_search(regexp, '\\1') }}"
|
|
vars:
|
|
regexp: 'Splunk\s((\d+)\.(\d+)\.(\d+)).*'
|
|
when: ansible_system is match("Linux")
|
|
|
|
- name: "Enable service via boot-start - Linux (systemd)"
|
|
become: yes
|
|
become_user: "{{ privileged_user }}"
|
|
command: "{{ splunk_exec }} enable boot-start -systemd-managed 1 -user {{ splunk_user }} --accept-license --answer-yes --no-prompt"
|
|
when:
|
|
- ansible_system is match("Linux")
|
|
- pid1.stdout.find("systemd") != -1
|
|
- installed_splunk_version[0] is version("7.2.2", ">=")
|
|
|
|
# Using service file approach for systemd rather than 'boot-start' with
|
|
# 'systemd-unit-file-name' option because cli's versions older than 7.2.2 do
|
|
# not implement systemd in boot-start command.
|
|
- name: "Copy Splunkd unit file - Linux (systemd)"
|
|
template:
|
|
src: Splunkd.service.j2
|
|
dest: /etc/systemd/system/Splunkd.service
|
|
owner: "{{ privileged_user }}"
|
|
group: "{{ privileged_user }}"
|
|
mode: 0644
|
|
become: yes
|
|
become_user: "{{ privileged_user }}"
|
|
when:
|
|
- ansible_system is match("Linux")
|
|
- pid1.stdout.find("systemd") != -1
|
|
- installed_splunk_version[0] is version("7.2.2", "<")
|
|
|
|
- name: "Reload daemons via systemctl - Linux (systemd)"
|
|
become: yes
|
|
become_user: "{{ privileged_user }}"
|
|
systemd:
|
|
daemon-reload: yes
|
|
name: Splunkd.service
|
|
enabled: true
|
|
when:
|
|
- ansible_system is match("Linux")
|
|
- pid1.stdout.find('systemd') != -1
|
|
|
|
- name: "Enable service via boot-start - Linux (init)"
|
|
become: yes
|
|
become_user: "{{ privileged_user }}"
|
|
command: "{{ splunk_exec }} enable boot-start -user {{ splunk_user }} --accept-license --answer-yes --no-prompt"
|
|
when:
|
|
- ansible_system is match("Linux")
|
|
- pid1.stdout.find('systemd') == -1
|
|
|
|
- name: "Enable service via boot-start - Windows"
|
|
command: "{{ splunk_exec }} enable boot-start -user {{ splunk_user }} --accept-license --answer-yes --no-prompt"
|
|
when: ansible_os_family == "Windows"
|
|
|
|
- name: add splunk user to sudoer for systemd
|
|
lineinfile:
|
|
path: /etc/sudoers
|
|
state: present
|
|
line: "{{ splunk_user }} ALL=(root) NOPASSWD: /usr/bin/systemctl restart Splunkd.service"
|
|
when:
|
|
- ansible_system is match("Linux")
|
|
- pid1.stdout.find("systemd") != -1
|
|
become: yes
|
|
|
|
- name: add splunk user to sudoer for systemd
|
|
lineinfile:
|
|
path: /etc/sudoers
|
|
state: present
|
|
line: "{{ splunk_user }} ALL=(root) NOPASSWD: /usr/bin/systemctl start Splunkd.service"
|
|
|
|
when:
|
|
- ansible_system is match("Linux")
|
|
- pid1.stdout.find("systemd") != -1
|
|
become: yes
|
|
|
|
- name: add splunk user to sudoer for systemd
|
|
lineinfile:
|
|
path: /etc/sudoers
|
|
state: present
|
|
line: "{{ splunk_user }} ALL=(root) NOPASSWD: /usr/bin/systemctl stop Splunkd.service"
|
|
when:
|
|
- ansible_system is match("Linux")
|
|
- pid1.stdout.find("systemd") != -1
|
|
become: yes
|
|
|
|
- name: add splunk user to sudoer for systemd
|
|
lineinfile:
|
|
path: /etc/sudoers
|
|
state: present
|
|
line: "{{ splunk_user }} ALL=(root) NOPASSWD: /usr/bin/systemctl status Splunkd.service"
|
|
when:
|
|
- ansible_system is match("Linux")
|
|
- pid1.stdout.find("systemd") != -1
|
|
become: yes
|