aboutsummaryrefslogtreecommitdiffstats
path: root/roles/packetbeat/tasks
diff options
context:
space:
mode:
Diffstat (limited to 'roles/packetbeat/tasks')
-rw-r--r--roles/packetbeat/tasks/main.yml64
1 files changed, 64 insertions, 0 deletions
diff --git a/roles/packetbeat/tasks/main.yml b/roles/packetbeat/tasks/main.yml
new file mode 100644
index 0000000..8811373
--- /dev/null
+++ b/roles/packetbeat/tasks/main.yml
@@ -0,0 +1,64 @@
+---
+- name: Install libpcap0.8
+ package:
+ name: libpcap0.8
+ state: present
+ tags:
+ - role::packetbeat
+
+- name: Install GPG
+ package:
+ name: gpg
+ state: present
+ tags:
+ - role::packetbeat
+
+- name: Install Elasticsearch signing key
+ shell: >-
+ wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch |
+ gpg --yes --dearmor -o /usr/share/keyrings/elasticsearch-keyring.gpg
+ args:
+ creates: /usr/share/keyrings/elasticsearch-keyring.gpg
+ tags:
+ - role::packetbeat
+
+- name: Add Elasticsearch repository to apt
+ copy:
+ content: >-
+ deb [signed-by=/usr/share/keyrings/elasticsearch-keyring.gpg]
+ https://artifacts.elastic.co/packages/8.x/apt stable main
+ dest: /etc/apt/sources.list.d/elastic-8.x.list
+ owner: root
+ group: root
+ mode: 0644
+ tags:
+ - role::packetbeat
+ register: add_packetbeat_repo
+
+- name: Install Packetbeat
+ apt:
+ pkg: packetbeat
+ state: present
+ update_cache: "{{ add_packetbeat_repo.changed }}"
+ tags:
+ - role::packetbeat
+
+- name: Configure Packetbeat
+ template:
+ src: packetbeat.yml.j2
+ dest: /etc/packetbeat/packetbeat.yml
+ mode: 0644
+ owner: root
+ group: root
+ tags:
+ - role::packetbeat
+ notify:
+ - restart packetbeat
+
+- name: Start and enable Packetbeat
+ service:
+ name: packetbeat
+ state: started
+ enabled: true
+ tags:
+ - role::packetbeat
generated by cgit v1.2.3 (git 2.39.1) at 2025-11-08 13:20:41 +0000