gitea-admin
/
hetzner-ansible
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

feat: kibana - default index patterns

Browse Source 
- uncategorized-*
- {{ stage }}-*-authlog-*
- {{ stage }}-*-syslog-*
- {{ stage }}-monitoring-*
- {{ stage }}-management-*-connect-*
feature/DEV-380
Sven Ketelsen 4 years ago
parent 26dad106ba
commit 25bd87846c
3 changed files with 75 additions and 30 deletions
Show Stats Download Patch File Download Diff File

47
roles/kibana/defaults/main.yaml
Unescape Escape View File

@ -80,7 +80,27 @@ kibana_technical_users:
- actions
- osquery
- savedObjectsTagging
elastic_index_pattern:
elastic_index_patterns:
-
attributes:
fieldAttrs: '{}'
fields: "[]"
runtimeFieldMap: "{}"
timeFieldName: "@timestamp"
title: '{{ stage }}-management-*-connect-*'
typeMeta: "{}"
references: []
elastic_state: present
-
attributes:
fieldAttrs: '{}'
fields: "[]"
runtimeFieldMap: "{}"
timeFieldName: "@timestamp"
title: 'uncategorized-*'
typeMeta: "{}"
references: []
elastic_state: present
-
attributes:
fieldAttrs: '{}'
@ -89,8 +109,25 @@ kibana_technical_users:
timeFieldName: "@timestamp"
title: '{{ stage }}-*-authlog-*'
typeMeta: "{}"
coreMigrationVersion: 7.16.1
migrationVersion:
index-pattern: 7.11.0
references: []
type: index-pattern
elastic_state: present
-
attributes:
fieldAttrs: '{}'
fields: "[]"
runtimeFieldMap: "{}"
timeFieldName: "@timestamp"
title: '{{ stage }}-*-syslog-*'
typeMeta: "{}"
references: []
elastic_state: present
-
attributes:
fieldAttrs: '{}'
fields: "[]"
runtimeFieldMap: "{}"
timeFieldName: "@timestamp"
title: '{{ stage }}-monitoring-*'
typeMeta: "{}"
references: []
elastic_state: present

50
roles/kibana/tasks/_configure_indexpattern.yml
Unescape Escape View File

@ -3,42 +3,50 @@
set_fact:
api_path: '/s/{{ es_space }}/api/saved_objects'
es_object_type: 'index-pattern'
indexpattern_exists: False
elastic_indexpattern_cleaned: {}
index_pattern_exists: False
elastic_index_pattern_cleaned: {}
- name: "Get all index patterns in elasticsearch"
delegate_to: localhost
uri:
url: "https://{{ kibana_api_endpoint }}{{ api_path }}/_find?per_page=10000&type=index-pattern"
url: "https://{{ kibana_api_endpoint }}{{ api_path }}/_find?per_page=10000&type={{ es_object_type }}"
method: GET
status_code: [200]
user: "{{ elastic_admin_username }}"
password: "{{ elastic_admin_password }}"
force_basic_auth: yes
register: all_indexpatterns
register: all_index_patterns
become: false
- name: "Lookup index pattern object if exists"
- name: "Lookup index pattern <{{ elastic_index_pattern.attributes.title }}>"
set_fact:
lookup_indexpattern_object: '{{ all_indexpatterns.json | community.general.json_query(querystr1) | first | community.general.json_query(indexpattern_query) }}'
lookup_indexpattern_object: '{{ all_index_patterns.json | community.general.json_query(querystr1) | first | community.general.json_query(indexpattern_query) }}'
vars:
querystr1: "[saved_objects[*]]"
indexpattern_query: "[?attributes.title=='{{ elastic_indexpattern.attributes.title }}']"
indexpattern_query: "[?attributes.title=='{{ elastic_index_pattern.attributes.title }}']"
- name: "Set switch VAR"
set_fact:
indexpattern_exists: True
index_pattern_exists: True
when:
- lookup_indexpattern_object | length > 0
- name: "Drop not needed key from dict"
set_fact:
elastic_indexpattern_cleaned: "{{ elastic_indexpattern_cleaned | combine({item.key: item.value}) }}"
with_dict: '{{ elastic_indexpattern }}'
elastic_index_pattern_cleaned: "{{ elastic_index_pattern_cleaned | combine({item.key: item.value}) }}"
with_dict: '{{ elastic_index_pattern }}'
when:
- item.key not in ['elastic_state']
- name: "Create {{ es_object_type }} <<{{ elastic_indexpattern.attributes.title }}>>"
- name: "Create <{{ es_object_type }}> <{{ elastic_index_pattern.attributes.title }}>"
debug:
msg: "{{ elastic_index_pattern_cleaned }}"
become: false
when:
- not index_pattern_exists
- elastic_index_pattern.elastic_state == 'present'
- name: "Create <{{ es_object_type }}> <{{ elastic_index_pattern.attributes.title }}>"
delegate_to: localhost
uri:
url: "https://{{ kibana_api_endpoint }}{{ api_path }}/{{ es_object_type }}"
@ -51,13 +59,13 @@
Content-Type: application/json
kbn-xsrf: true
body_format: json
body: '{{ elastic_indexpattern_cleaned | to_json }}'
body: '{{ elastic_index_pattern_cleaned | to_json }}'
become: false
when:
- not indexpattern_exists
- elastic_indexpattern.elastic_state == 'present'
- not index_pattern_exists
- elastic_index_pattern.elastic_state == 'present'
- name: "Update {{ es_object_type }} <<{{ elastic_indexpattern.attributes.title }}>>"
- name: "Update {{ es_object_type }} <<{{ elastic_index_pattern.attributes.title }}>>"
delegate_to: localhost
uri:
url: 'https://{{ kibana_api_endpoint }}{{ api_path }}/{{ es_object_type }}/{{ lookup_indexpattern_object[0]["id"] }}'
@ -70,13 +78,13 @@
Content-Type: application/json
kbn-xsrf: true
body_format: json
body: '{{ elastic_indexpattern_cleaned | to_json }}'
body: '{{ elastic_index_pattern_cleaned | to_json }}'
become: false
when:
- indexpattern_exists
- elastic_indexpattern.elastic_state == 'present'
- index_pattern_exists
- elastic_index_pattern.elastic_state == 'present'
- name: "DELETE {{ es_object_type }} <<{{ elastic_indexpattern.attributes.title }}>>"
- name: "DELETE {{ es_object_type }} <<{{ elastic_index_pattern.attributes.title }}>>"
delegate_to: localhost
uri:
url: 'https://{{ kibana_api_endpoint }}{{ api_path }}/{{ es_object_type }}/{{ lookup_indexpattern_object[0]["id"] }}'
@ -90,5 +98,5 @@
kbn-xsrf: true
become: false
when:
- indexpattern_exists
- elastic_indexpattern.elastic_state == 'absent'
- index_pattern_exists
- elastic_index_pattern.elastic_state == 'absent'

4
roles/kibana/tasks/add_technical_users.yml
Unescape Escape View File

@ -25,10 +25,10 @@
- name: "Do some stuff in elastic with index pattern ..."
vars:
es_space: technical_user.elastic_index_pattern
es_space: "default"
include_role:
name: kibana
tasks_from: _configure_indexpattern.yml
loop: "{{ technical_user.elastic_index_pattern }}"
loop: "{{ technical_user.elastic_index_patterns }}"
loop_control:
loop_var: elastic_index_pattern

Write Preview
Loading…
Cancel
Save