rocknsm / rock

Automated deployment scripts for the RockNSM network hunting distribution.

Home Page: http://rocknsm.io

Update Zeek role

spartan782 opened this issue

Each role needs to be checked, and any Ansible modules or tasks that are deprecated, failing or giving warnings need to be updated.

Online Deploy LGTM

PLAY [zeek] ****************************************************************************************************

TASK [Gathering Facts] *****************************************************************************************
ok: [simplerockbuild.simplerock.lan]

TASK [Include user-override vars] ******************************************************************************
ok: [simplerockbuild.simplerock.lan]

TASK [zeek : Install packages] *********************************************************************************
changed: [simplerockbuild.simplerock.lan]

TASK [zeek : Set monitor interface config] *********************************************************************
changed: [simplerockbuild.simplerock.lan] => (item=eth1)

TASK [zeek : Configure local ifup script] **********************************************************************
changed: [simplerockbuild.simplerock.lan]

TASK [zeek : Configure GeoIP Update] ***************************************************************************
changed: [simplerockbuild.simplerock.lan]

TASK [zeek : Update GeoIP - Skipping due to bug] ***************************************************************
skipping: [simplerockbuild.simplerock.lan]

TASK [zeek : Create GeoIP symlinks] ****************************************************************************
changed: [simplerockbuild.simplerock.lan] => (item={u'dest': u'GeoIPCity.dat', u'src': u'GeoLiteCity.dat'})
changed: [simplerockbuild.simplerock.lan] => (item={u'dest': u'GeoIPCountry.dat', u'src': u'GeoLiteCountry.dat'})
changed: [simplerockbuild.simplerock.lan] => (item={u'dest': u'GeoIPASNum.dat', u'src': u'GeoLiteASNum.dat'})
changed: [simplerockbuild.simplerock.lan] => (item={u'dest': u'GeoIPCityv6.dat', u'src': u'GeoLiteCityv6.dat'})

TASK [Create zeek group] ***************************************************************************************
ok: [simplerockbuild.simplerock.lan]

TASK [Create zeek user] ****************************************************************************************
changed: [simplerockbuild.simplerock.lan]

TASK [Create zeek directories] *********************************************************************************
changed: [simplerockbuild.simplerock.lan] => (item=/data/zeek)
changed: [simplerockbuild.simplerock.lan] => (item=/data/zeek/logs)
changed: [simplerockbuild.simplerock.lan] => (item=/data/zeek/spool)

TASK [Create /opt/zeek for wandering users] ********************************************************************
changed: [simplerockbuild.simplerock.lan]

TASK [zeek : Create note to wandering users] *******************************************************************
changed: [simplerockbuild.simplerock.lan]

TASK [Create zeek configs] *************************************************************************************
changed: [simplerockbuild.simplerock.lan] => (item=node.cfg)
changed: [simplerockbuild.simplerock.lan] => (item=zeekctl.cfg)
changed: [simplerockbuild.simplerock.lan] => (item=networks.cfg)

TASK [Add zeek custom scripts directory] ***********************************************************************
changed: [simplerockbuild.simplerock.lan]

TASK [Set permissions on zeekctl scripts] **********************************************************************
ok: [simplerockbuild.simplerock.lan]

TASK [zeek : Add README to scripts] ****************************************************************************
changed: [simplerockbuild.simplerock.lan]

TASK [Checkout ROCK zeek scripts] ******************************************************************************
changed: [simplerockbuild.simplerock.lan]

TASK [Deploy offline ROCK zeek scripts] ************************************************************************
skipping: [simplerockbuild.simplerock.lan]

TASK [Symlink offline ROCK zeek scripts] ***********************************************************************
skipping: [simplerockbuild.simplerock.lan]

TASK [Update owner for ROCK zeek scripts] **********************************************************************
changed: [simplerockbuild.simplerock.lan]

TASK [Add ROCK scripts to local.zeek] **************************************************************************
changed: [simplerockbuild.simplerock.lan]

TASK [Enable zeek kafka output to local.zeek] ******************************************************************
changed: [simplerockbuild.simplerock.lan]

TASK [Add zeek aliases] ****************************************************************************************
changed: [simplerockbuild.simplerock.lan]

TASK [Add zeekctl wrapper for admin use] ***********************************************************************
changed: [simplerockbuild.simplerock.lan]

TASK [Set zeek capabilities] ***********************************************************************************
ok: [simplerockbuild.simplerock.lan] => (item=cap_net_raw+eip)
ok: [simplerockbuild.simplerock.lan] => (item=cap_net_admin+eip)

TASK [zeek : Set capstats capabilities] ************************************************************************
changed: [simplerockbuild.simplerock.lan] => (item=cap_net_raw+eip)
changed: [simplerockbuild.simplerock.lan] => (item=cap_net_admin+eip)

TASK [Set zeekctl cron] ****************************************************************************************
changed: [simplerockbuild.simplerock.lan]

TASK [Initialize zeek scripts for workers] *********************************************************************
changed: [simplerockbuild.simplerock.lan]

TASK [zeek : Check status of interfaces] ***********************************************************************
ok: [simplerockbuild.simplerock.lan] => (item=eth1)

TASK [zeek : Bring up interfaces] ******************************************************************************
skipping: [simplerockbuild.simplerock.lan] => (item={u'stderr_lines': [], u'ansible_loop_var': u'item', u'end': u'2021-10-29 01:18:33.752850', u'stderr': u'', u'stdout': u'3: eth1: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000\\    link/ether ee:88:9d:7c:cb:af brd ff:ff:ff:ff:ff:ff', u'changed': False, u'failed': False, u'delta': u'0:00:00.003450', u'cmd': [u'/usr/sbin/ip', u'-oneline', u'link', u'show', u'dev', u'eth1'], u'item': u'eth1', u'rc': 0, u'invocation': {u'module_args': {u'warn': True, u'executable': None, u'_uses_shell': False, u'strip_empty_ends': True, u'_raw_params': u'/usr/sbin/ip -oneline link show dev eth1\n', u'removes': None, u'argv': None, u'creates': None, u'chdir': None, u'stdin_add_newline': True, u'stdin': None}}, u'stdout_lines': [u'3: eth1: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000\\    link/ether ee:88:9d:7c:cb:af brd ff:ff:ff:ff:ff:ff'], u'start': u'2021-10-29 01:18:33.749400'}) 

TASK [zeek : Discover facts about data mount] ******************************************************************
skipping: [simplerockbuild.simplerock.lan] => (item={u'block_used': 39164, u'uuid': u'85b1bba3-fe1b-4601-a3f8-ef4b19efcd31', u'size_total': 1063256064, u'block_total': 259584, u'mount': u'/boot', u'block_available': 220420, u'size_available': 902840320, u'fstype': u'xfs', u'inode_total': 524288, u'options': u'rw,seclabel,relatime,attr2,inode64,noquota', u'device': u'/dev/sda1', u'inode_used': 337, u'block_size': 4096, u'inode_available': 523951}) 
skipping: [simplerockbuild.simplerock.lan] => (item={u'block_used': 1437750, u'uuid': u'3b3f1a8b-f0c9-4308-8218-4d0f41bbf8af', u'size_total': 53660876800, u'block_total': 13100800, u'mount': u'/', u'block_available': 11663050, u'size_available': 47771852800, u'fstype': u'xfs', u'inode_total': 26214400, u'options': u'rw,seclabel,relatime,attr2,inode64,noquota', u'device': u'/dev/mapper/rocknsm-root', u'inode_used': 55649, u'block_size': 4096, u'inode_available': 26158751}) 
skipping: [simplerockbuild.simplerock.lan] => (item={u'block_used': 8251, u'uuid': u'3cc31e72-5bff-48c8-9e1d-213d14404413', u'size_total': 95910432768, u'block_total': 23415633, u'mount': u'/home', u'block_available': 23407382, u'size_available': 95876636672, u'fstype': u'xfs', u'inode_total': 46854144, u'options': u'rw,seclabel,relatime,attr2,inode64,noquota', u'device': u'/dev/mapper/rocknsm-home', u'inode_used': 7, u'block_size': 4096, u'inode_available': 46854137}) 

TASK [zeek : Determining if quotas are enabled] ****************************************************************
ok: [simplerockbuild.simplerock.lan]

TASK [Create zeek quota project id] ****************************************************************************
skipping: [simplerockbuild.simplerock.lan]

TASK [Map zeek quota project id to name] ***********************************************************************
skipping: [simplerockbuild.simplerock.lan]

TASK [Define zeek quota project directories] *******************************************************************
skipping: [simplerockbuild.simplerock.lan]

TASK [set zeek weight] *****************************************************************************************
skipping: [simplerockbuild.simplerock.lan]

TASK [set zeek quota if not user defined] **********************************************************************
skipping: [simplerockbuild.simplerock.lan]

TASK [set zeek project quota] **********************************************************************************
skipping: [simplerockbuild.simplerock.lan]

TASK [Enable and start zeek] ***********************************************************************************
changed: [simplerockbuild.simplerock.lan]