Skip to content
Snippets Groups Projects

Draft: Enable Loki as a replacement for Elasticsearch when `enable_loki` is set.

Closed Draft: Enable Loki as a replacement for Elasticsearch when `enable_loki` is set.
loki into master
Closed ale requested to merge loki into master
Viewing commit 075c2488
Prev Next
Show latest version
1 file
+ 6
0
Compare changes
  • Side-by-side
  • Inline
roles/base/tasks/harden.yml
+ 6
0
@@ -49,6 +49,7 @@
@@ -49,6 +49,7 @@
packages:
packages:
- auditd
- auditd
- audisp-json
- audisp-json
 
when: not enable_loki
- name: Auditd default config removed
- name: Auditd default config removed
file:
file:
@@ -63,6 +64,7 @@
@@ -63,6 +64,7 @@
- "templates/audit/rules.d/*.j2"
- "templates/audit/rules.d/*.j2"
notify:
notify:
- restart auditd
- restart auditd
 
when: not enable_loki
- name: Auditd configured
- name: Auditd configured
template:
template:
@@ -70,6 +72,7 @@
@@ -70,6 +72,7 @@
dest: /etc/audit/auditd.conf
dest: /etc/audit/auditd.conf
notify:
notify:
- restart auditd
- restart auditd
 
when: not enable_loki
- name: Audispd plugins configured
- name: Audispd plugins configured
copy:
copy:
@@ -80,11 +83,13 @@
@@ -80,11 +83,13 @@
- json.conf
- json.conf
notify:
notify:
- restart auditd
- restart auditd
 
when: not enable_loki
- name: Enable auditd service
- name: Enable auditd service
systemd:
systemd:
name: auditd.service
name: auditd.service
enabled: yes
enabled: yes
 
when: not enable_loki
- name: Disable journald-auditd link
- name: Disable journald-auditd link
systemd:
systemd:
@@ -92,3 +97,4 @@
@@ -92,3 +97,4 @@
state: stopped
state: stopped
enabled: no
enabled: no
masked: yes
masked: yes
 
when: not enable_loki