December 2017
Intermediate to advanced
364 pages
7h 30m
English
Content preview from Security Automation with Ansible 2
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
Creating Ansible playbooks for collection and storage with secure backup of forensic artifacts
Ansible is an apt replacement for all kinds of bash scripts. Typically, for most activities that require analysis, we follow a set pattern:
- Collect logs from running processes into files with a path we already know
- Copy the content from these log files periodically to a secure storage locally or accessible remotely over SSH or a network file share
- Once copied successfully, rotate the logs
Since there is a bit of network activity involved, our bash scripts are usually written to be fault tolerant with regard to network connections and become complex very soon. Ansible playbooks can be used to do all of that while being simple to read for everyone. ...