Deploy NXLog Agent with Ansible

Only control machines can run Ansible, which must be running a UNIX-like operating system, but Windows hosts that have the Windows Subsystem for Linux (WSL) installed are also supported. Managed nodes are agentless. However, both control machines and managed nodes require Python. For further details, see the Ansible Installation Guide.

Execute the commands below to install and configure NXLog Agent on Ubuntu and Windows:

  1. Create the directory structure

    $ mkdir -p ansible/config
    $ cd ansible
    $ touch playbook.yml inventory config/managed.conf
  2. Log in to your NXLog account. Click on Your Account > Downloads, and from the Version drop-down menu select NXLog Agent v6, then download the files:

    • nxlog-6.4.9634_ubuntu20_amd64.tar.bz2 for Ubuntu.

    • nxlog-6.4.9634_windows_x64.msi for Windows.

      Copy both files to the ansible directory you created in the previous step. Ansible will upload and install it during playbook execution.

  3. Compose the inventory file located in the config directory.

    Example 1. inventory

    The inventory file allows us to define categories or groups of servers. In this example, a single category, nxlog_servers, is used for both binaries.

    [nxlog_servers]
    ubuntu ansible_host=192.168.1.10
    windows ansible_host=192.168.1.11
  4. Create the NXLog Agent configuration.

    Example 2. NXLog Agent Ansible basic configuration example.

    This configuration example will set up NXLog Agent with a basic connection to NXLog Platform. The basic configuration can be downloaded by navigating to Agents > Agents in NXLog Platform and clicking on Add new Agent. The downloaded config will include the correct <YOUR COMPANY ADDRESS> define.

    managed.conf
    define HOST <YOUR COMPANY ADDRESS>:5514
    LogLevel              INFO
    LogFile               %MYLOGFILE%
    <Extension admin>
        Module            xm_admin
        Host              %HOST%
        SocketType        SSL
        AllowUntrusted    True
        RequireCert       False
        <ACL conf>
            Directory     %CONFDIR%
            AllowRead     TRUE
            AllowWrite    TRUE
        </ACL>
        <ACL cert>
            Directory     %CERTDIR%
            AllowRead     TRUE
            AllowWrite    TRUE
        </ACL>
    </Extension>
    </Route>
  5. The Ansible playbook defines and configures the automation tasks. For more information on creating playbooks, see Ansible’s Intro to playbooks.

    playbook.yaml
    ---
    - hosts: nxlog_servers
      become: true
      become_user: root
    
      tasks:
        - name: Upload NXLog installer to remote Ubuntu server
          copy:
            src: nxlog-5.4.7313_ubuntu20_amd64.tar.bz2
            dest: /root/
            mode: '0755'
          when: "ansible_distribution == 'Ubuntu' and ansible_distribution_release == 'focal'"
    
        - name: Install NXLog on Ubuntu Focal
          shell:
            cmd: |
              mkdir -p nxlog; tar -xvf nxlog-5.4.7313_ubuntu20_amd64.tar.bz2 -C nxlog;
              apt install -y ./nxlog/*.deb;
          when: "ansible_distribution == 'Ubuntu' and ansible_distribution_release == 'focal'"
    
        - name: Copy the "managed.conf" configuration file to the NXLog config directory
          copy:
            src: config/managed.conf
            dest: /opt/nxlog/etc/nxlog.d/managed.conf
            owner: nxlog
            group: nxlog
            mode: '0755'
          when: "ansible_distribution == 'Ubuntu' and ansible_distribution_release == 'focal'"
    
        - name: Restarting NXLog on Ubuntu Focal
          command: systemctl restart nxlog
          when: "ansible_distribution == 'Ubuntu' and ansible_distribution_release == 'focal'"
    
    #====================================================================================================#
    
        - name: Upload NXLog installer to remote Windows server
          copy:
            src: nxlog-5.4.7313_windows_x64.msi
            dest: C:\Users\administrator
            owner: nxlog
            group: nxlog
          when: ansible_distribution == 'Windows'
    
        - name: Install NXLog on Windows
          win_package:
            path: C:\Users\administrator\nxlog-5.4.7313_windows_x64.msi
            state: present
          when: ansible_distribution == 'Windows'
    
        - name: Copy new "managed.conf" file into the NXLog default config directory
          copy:
            src: config/managed.conf
            dest: C:\Program Files\nxlog\conf\nxlog.d\managed.conf
            owner: nxlog
            group: nxlog
            mode: '750'
          when: ansible_distribution == 'Windows'
    
        - name: Set nxlog service startup mode to auto and ensure it's started.
          win_service:
            name: nxlog
            state: restarted
  6. Run the playbook.

    $ ansible-playbook -i inventory -u root --ask-pass --ask-become-pass playbook.yml
    According to the Setting up SSH keys section of the Ansible User Guide, "By default, Ansible assumes you are using SSH keys to connect to remote machines. SSH keys are encouraged …​".

    This example illustrates which ansible-playbook flags are required if the more secure SSH public key pair authentication method is not an option. The --ask-pass option enables the less secure SSH password authentication method.

    The Become directives page explains that the --ask-become-pass flag (or -K for short) enables one to specify a password for sudo.