Downloads the Splunk Universal Forwarder binary and installs to the target machine (Windows or Linux)
Defined in ./defaults/main.yml
binary_src_linuxbinary_src_windowsbinary_tmpdir_linuxbinary_tmpdir_windowsbinary_filename_linuxbinary_filename_windowssplunk_installdir_linuxsplunk_installdir_windowsdeployment_serverinstall_cmd_windows
Defined in ./tasks/windows.yml and ./tasks/el.yml
downloadinstallstart
- ansible-playbook tasks/main.yml -vvv -- --tags="download,install,start" --vault-password-file="<path_to_password_file>"
or
- ansible-playbook tasks/main.yml -vvv -- --tags="download,install" --vault-password-file="<path_to_password_file>"
or
- ansible-playbook tasks/main.yml -vvv -- --tags="start" --vault-password-file="<path_to_password_file>"
Splunk UF admin credentials are defined in ./tasks/secrets.yml (for Windows) and ./tasks/user-seed.conf (for Linux).
Ansible Vault has been used to encrypt these two files with a Vault password. Decryption occurs during the playbook run using the switch --vault-password-file="<path_to_password_file>"
Defined in ./requirements.txt
- ansible>=2.9.12
- ansible[azure]
- ansible-lint>=4.2.0
- molecule>=3.0.6
- molecule-azure>=0.3
- yamllint>=1.24.2
- pywinrm>=0.4.1
- junit-xml>=1.9
- requests>=2.24.0
- wheel>=0.30.0
- Create and access your Ansible control node in Azure (can simply be 1x Ubuntu VM, 1x VNET, 1x SUBNET)
git clone https://github.com/globalbao/ansible-role-splunkuf.gitcd /ansible-role-splunkuf./run.shcurl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash- Update your Azure & Ansible variables in /molecule/scenarioName/files.yml as required
az loginaz subscription set -s SUBSCRIPTIONIDansible-lint tasks/main.ymlmolecule listmolecule create -s scenarioNamemolecule converge -s scenarioNamemolecule verify -s scenarioNamemolecule test -s scenarioName