gitea-admin
/
hetzner-ansible
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

feat: kibana - default index patterns

Browse Source 
- uncategorized-*
- {{ stage }}-*-authlog-*
- {{ stage }}-*-syslog-*
- {{ stage }}-monitoring-*
- {{ stage }}-management-*-connect-*
feature/DEV-380
Sven Ketelsen 4 years ago
parent 26dad106ba
commit 25bd87846c
3 changed files with 75 additions and 30 deletions
Show Stats Download Patch File Download Diff File

47
roles/kibana/defaults/main.yaml
Unescape Escape View File

@ -80,7 +80,27 @@ kibana_technical_users:
- actions - actions
- osquery - osquery
- savedObjectsTagging - savedObjectsTagging
elastic_index_pattern: elastic_index_patterns:
-
attributes:
fieldAttrs: '{}'
fields: "[]"
runtimeFieldMap: "{}"
timeFieldName: "@timestamp"
title: '{{ stage }}-management-*-connect-*'
typeMeta: "{}"
references: []
elastic_state: present
-
attributes:
fieldAttrs: '{}'
fields: "[]"
runtimeFieldMap: "{}"
timeFieldName: "@timestamp"
title: 'uncategorized-*'
typeMeta: "{}"
references: []
elastic_state: present
- -
attributes: attributes:
fieldAttrs: '{}' fieldAttrs: '{}'
@ -89,8 +109,25 @@ kibana_technical_users:
timeFieldName: "@timestamp" timeFieldName: "@timestamp"
title: '{{ stage }}-*-authlog-*' title: '{{ stage }}-*-authlog-*'
typeMeta: "{}" typeMeta: "{}"
coreMigrationVersion: 7.16.1
migrationVersion:
index-pattern: 7.11.0
references: [] references: []
type: index-pattern elastic_state: present
-
attributes:
fieldAttrs: '{}'
fields: "[]"
runtimeFieldMap: "{}"
timeFieldName: "@timestamp"
title: '{{ stage }}-*-syslog-*'
typeMeta: "{}"
references: []
elastic_state: present
-
attributes:
fieldAttrs: '{}'
fields: "[]"
runtimeFieldMap: "{}"
timeFieldName: "@timestamp"
title: '{{ stage }}-monitoring-*'
typeMeta: "{}"
references: []
elastic_state: present

52
roles/kibana/tasks/_configure_indexpattern.yml
Unescape Escape View File

@ -3,42 +3,50 @@
set_fact: set_fact:
api_path: '/s/{{ es_space }}/api/saved_objects' api_path: '/s/{{ es_space }}/api/saved_objects'
es_object_type: 'index-pattern' es_object_type: 'index-pattern'
indexpattern_exists: False index_pattern_exists: False
elastic_indexpattern_cleaned: {} elastic_index_pattern_cleaned: {}
- name: "Get all indexpatterns in elasticsearch" - name: "Get all index patterns in elasticsearch"
delegate_to: localhost delegate_to: localhost
uri: uri:
url: "https://{{ kibana_api_endpoint }}{{ api_path }}/_find?per_page=10000&type=index-pattern" url: "https://{{ kibana_api_endpoint }}{{ api_path }}/_find?per_page=10000&type={{ es_object_type }}"
method: GET method: GET
status_code: [200] status_code: [200]
user: "{{ elastic_admin_username }}" user: "{{ elastic_admin_username }}"
password: "{{ elastic_admin_password }}" password: "{{ elastic_admin_password }}"
force_basic_auth: yes force_basic_auth: yes
register: all_indexpatterns register: all_index_patterns
become: false become: false
- name: "Lookup index pattern object if exists" - name: "Lookup index pattern <{{ elastic_index_pattern.attributes.title }}>"
set_fact: set_fact:
lookup_indexpattern_object: '{{ all_indexpatterns.json | community.general.json_query(querystr1) | first | community.general.json_query(indexpattern_query) }}' lookup_indexpattern_object: '{{ all_index_patterns.json | community.general.json_query(querystr1) | first | community.general.json_query(indexpattern_query) }}'
vars: vars:
querystr1: "[saved_objects[*]]" querystr1: "[saved_objects[*]]"
indexpattern_query: "[?attributes.title=='{{ elastic_indexpattern.attributes.title }}']" indexpattern_query: "[?attributes.title=='{{ elastic_index_pattern.attributes.title }}']"
- name: "Set switch VAR" - name: "Set switch VAR"
set_fact: set_fact:
indexpattern_exists: True index_pattern_exists: True
when: when:
- lookup_indexpattern_object | length > 0 - lookup_indexpattern_object | length > 0
- name: "Drop not needed key from dict" - name: "Drop not needed key from dict"
set_fact: set_fact:
elastic_indexpattern_cleaned: "{{ elastic_indexpattern_cleaned | combine({item.key: item.value}) }}" elastic_index_pattern_cleaned: "{{ elastic_index_pattern_cleaned | combine({item.key: item.value}) }}"
with_dict: '{{ elastic_indexpattern }}' with_dict: '{{ elastic_index_pattern }}'
when: when:
- item.key not in ['elastic_state'] - item.key not in ['elastic_state']
- name: "Create {{ es_object_type }} <<{{ elastic_indexpattern.attributes.title }}>>" - name: "Create <{{ es_object_type }}> <{{ elastic_index_pattern.attributes.title }}>"
debug:
msg: "{{ elastic_index_pattern_cleaned }}"
become: false
when:
- not index_pattern_exists
- elastic_index_pattern.elastic_state == 'present'
- name: "Create <{{ es_object_type }}> <{{ elastic_index_pattern.attributes.title }}>"
delegate_to: localhost delegate_to: localhost
uri: uri:
url: "https://{{ kibana_api_endpoint }}{{ api_path }}/{{ es_object_type }}" url: "https://{{ kibana_api_endpoint }}{{ api_path }}/{{ es_object_type }}"
@ -51,13 +59,13 @@
Content-Type: application/json Content-Type: application/json
kbn-xsrf: true kbn-xsrf: true
body_format: json body_format: json
body: '{{ elastic_indexpattern_cleaned | to_json }}' body: '{{ elastic_index_pattern_cleaned | to_json }}'
become: false become: false
when: when:
- not indexpattern_exists - not index_pattern_exists
- elastic_indexpattern.elastic_state == 'present' - elastic_index_pattern.elastic_state == 'present'
- name: "Update {{ es_object_type }} <<{{ elastic_indexpattern.attributes.title }}>>" - name: "Update {{ es_object_type }} <<{{ elastic_index_pattern.attributes.title }}>>"
delegate_to: localhost delegate_to: localhost
uri: uri:
url: 'https://{{ kibana_api_endpoint }}{{ api_path }}/{{ es_object_type }}/{{ lookup_indexpattern_object[0]["id"] }}' url: 'https://{{ kibana_api_endpoint }}{{ api_path }}/{{ es_object_type }}/{{ lookup_indexpattern_object[0]["id"] }}'
@ -70,13 +78,13 @@
Content-Type: application/json Content-Type: application/json
kbn-xsrf: true kbn-xsrf: true
body_format: json body_format: json
body: '{{ elastic_indexpattern_cleaned | to_json }}' body: '{{ elastic_index_pattern_cleaned | to_json }}'
become: false become: false
when: when:
- indexpattern_exists - index_pattern_exists
- elastic_indexpattern.elastic_state == 'present' - elastic_index_pattern.elastic_state == 'present'
- name: "DELETE {{ es_object_type }} <<{{ elastic_indexpattern.attributes.title }}>>" - name: "DELETE {{ es_object_type }} <<{{ elastic_index_pattern.attributes.title }}>>"
delegate_to: localhost delegate_to: localhost
uri: uri:
url: 'https://{{ kibana_api_endpoint }}{{ api_path }}/{{ es_object_type }}/{{ lookup_indexpattern_object[0]["id"] }}' url: 'https://{{ kibana_api_endpoint }}{{ api_path }}/{{ es_object_type }}/{{ lookup_indexpattern_object[0]["id"] }}'
@ -90,5 +98,5 @@
kbn-xsrf: true kbn-xsrf: true
become: false become: false
when: when:
- indexpattern_exists - index_pattern_exists
- elastic_indexpattern.elastic_state == 'absent' - elastic_index_pattern.elastic_state == 'absent'

6
roles/kibana/tasks/add_technical_users.yml
Unescape Escape View File

@ -23,12 +23,12 @@
loop_control: loop_control:
loop_var: elastic_user loop_var: elastic_user
- name: "Do some stuff in elastic with indexpattern ..." - name: "Do some stuff in elastic with index pattern ..."
vars: vars:
es_space: technical_user.elastic_index_pattern es_space: "default"
include_role: include_role:
name: kibana name: kibana
tasks_from: _configure_indexpattern.yml tasks_from: _configure_indexpattern.yml
loop: "{{ technical_user.elastic_index_pattern }}" loop: "{{ technical_user.elastic_index_patterns }}"
loop_control: loop_control:
loop_var: elastic_index_pattern loop_var: elastic_index_pattern

Write Preview
Loading…
Cancel
Save