ansible-vault icon indicating copy to clipboard operation
ansible-vault copied to clipboard

Published 20 hours ago verified publisher icon ansible-community

Audit Logs

Open AlyRagab opened this issue 3 years ago • 1 comments

Enabling Audit Logs Device to be ready for any logging collector like Datadog, I can not find that in the documentation yet.

Is there any support for such feature using Ansible Role ?

AlyRagab avatar Aug 27 '22 17:08 AlyRagab

@AlyRagab I don't believe you can do it using the role.

Its pretty easy to do it using the uri module though after the role has run

Something like:

---
- name: Enable audit log
  uri:
    url: https://127.0.0.1:8200/v1/sys/audit/file
    validate_certs: false
    headers:
      X-Vault-Token: "{{ lookup('env', 'VAULT_TOKEN') }}"
    follow_redirects: all
    method: PUT
    status_code:
      - 204
      - 400  # path already in use
    body:
      type: "file"
      options:
        file_path: "{{ vault_audit_log_path }}"
        mode: "0660"
    body_format: json

markafarrell avatar Sep 23 '22 04:09 markafarrell