Current state of Sharingan role -- still need to add rkhunter

2022-05-02 15:00:29 -05:00
parent 1c2f4266ad
commit d0146770a4
45 changed files with 4004 additions and 46 deletions
--- a/roles/Sharingan/tasks/siem.yml
+++ b/roles/Sharingan/tasks/siem.yml
@@ -0,0 +1,33 @@
+---
+ - name: Sharingan packages
+   become: yes
+   register: sharingan_packages
+   package:
+     name:
+       - elasticsearch
+       - mongodb
+       - graylog
+     state: present
+
+ - name: Sharingan services
+   become: yes
+   loop:
+       - elasticsearch
+       - mongodb
+       - graylog
+   service:
+     name: "{{ item }}" 
+     state: started
+     enabled: yes
+
+ - name: Sharingan backups directory
+   become: yes
+   file:
+     path: /usr/local/backups/elasticsearch
+     state: directory
+     owner: elasticsearch
+     group: elasticsearch
+     mode: 0770
+
+ - name: Set Sharingan backups
+   command: "curl -X PUT localhost:9200/_snapshot/my_backup?pretty -H 'Content-Type: application/json' -d '{ type: fs, settings: { location: /usr/local/backup/elasticsearch, compress: true } }'"