book

Security Automation with Ansible 2

by Akash Mahajan, MADHU AKULA

December 2017

Intermediate to advanced

364 pages

7h 30m

English

Packt Publishing

Read now

Unlock full access

Content preview from Security Automation with Ansible 2

Collecting log artifacts for incident response

The key phase in incident response is log analysis. The following playbook will collect the logs from all the hosts and store it locally. This allows responders to perform the further analysis:

# Reference https://www.Ansible.com/security-automation-with-Ansible- name: Gather log files  hosts: servers  become: yes  tasks:    - name: List files to grab      find:        paths:          - /var/log        patterns:          - '*.log*'        recurse: yes      register: log_files    - name: Grab files      fetch:        src: "{{ item.path }}"        dest: "/tmp/LOGS_{{ Ansible_fqdn }}/"      with_items: "{{ log_files.files }}"

The following playbook execution will collect a list of logs in specified locations in remote hosts using Ansible modules and store them in the local system. ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Start your free trial

Implementing DevOps with Ansible 2

Jonathan McAllister

Practical Ansible 2

Daniel Oh, James Freeman, Fabio Alessandro Locati

Learning Ansible 2 - Second Edition

Fabio Alessandro Locati

Practical Security Automation and Testing

Tony Hsiang-Chih Hsu

Publisher Resources

ISBN: 9781788394512Supplemental Content