Deploy NXLog Agent with Ansible
Only control machines can run Ansible, which must be running a UNIX-like operating system, but Windows hosts that have the Windows Subsystem for Linux (WSL) installed are also supported. Managed nodes are agentless. However, both control machines and managed nodes require Python. For further details, see the Ansible Installation Guide.
Execute the commands below to install and configure NXLog Agent on Ubuntu and Windows:
-
Create the directory structure
$ mkdir -p ansible/config $ cd ansible $ touch playbook.yml inventory config/managed.conf
-
Log in to your NXLog account. Click on Your Account > Downloads, and from the Version drop-down menu select NXLog Agent v6, then download the files:
-
nxlog-6.4.9634_ubuntu20_amd64.tar.bz2
for Ubuntu. -
nxlog-6.4.9634_windows_x64.msi
for Windows.Copy both files to the
ansible
directory you created in the previous step. Ansible will upload and install it during playbook execution.
-
-
Compose the
inventory
file located in theconfig
directory.Example 1. inventoryThe
inventory
file allows us to define categories or groups of servers. In this example, a single category,nxlog_servers
, is used for both binaries.[nxlog_servers] ubuntu ansible_host=192.168.1.10 windows ansible_host=192.168.1.11
-
Create the NXLog Agent configuration.
Example 2. NXLog Agent Ansible basic configuration example.This configuration example will set up NXLog Agent with a basic connection to NXLog Platform. The basic configuration can be downloaded by navigating to Agents > Agents in NXLog Platform and clicking on Add new Agent. The downloaded config will include the correct
<YOUR COMPANY ADDRESS>
define.managed.confdefine HOST <YOUR COMPANY ADDRESS>:5514 LogLevel INFO LogFile %MYLOGFILE% <Extension admin> Module xm_admin Host %HOST% SocketType SSL AllowUntrusted True RequireCert False <ACL conf> Directory %CONFDIR% AllowRead TRUE AllowWrite TRUE </ACL> <ACL cert> Directory %CERTDIR% AllowRead TRUE AllowWrite TRUE </ACL> </Extension> </Route>
-
The Ansible playbook defines and configures the automation tasks. For more information on creating playbooks, see Ansible’s Intro to playbooks.
playbook.yaml--- - hosts: nxlog_servers become: true become_user: root tasks: - name: Upload NXLog installer to remote Ubuntu server copy: src: nxlog-5.4.7313_ubuntu20_amd64.tar.bz2 dest: /root/ mode: '0755' when: "ansible_distribution == 'Ubuntu' and ansible_distribution_release == 'focal'" - name: Install NXLog on Ubuntu Focal shell: cmd: | mkdir -p nxlog; tar -xvf nxlog-5.4.7313_ubuntu20_amd64.tar.bz2 -C nxlog; apt install -y ./nxlog/*.deb; when: "ansible_distribution == 'Ubuntu' and ansible_distribution_release == 'focal'" - name: Copy the "managed.conf" configuration file to the NXLog config directory copy: src: config/managed.conf dest: /opt/nxlog/etc/nxlog.d/managed.conf owner: nxlog group: nxlog mode: '0755' when: "ansible_distribution == 'Ubuntu' and ansible_distribution_release == 'focal'" - name: Restarting NXLog on Ubuntu Focal command: systemctl restart nxlog when: "ansible_distribution == 'Ubuntu' and ansible_distribution_release == 'focal'" #====================================================================================================# - name: Upload NXLog installer to remote Windows server copy: src: nxlog-5.4.7313_windows_x64.msi dest: C:\Users\administrator owner: nxlog group: nxlog when: ansible_distribution == 'Windows' - name: Install NXLog on Windows win_package: path: C:\Users\administrator\nxlog-5.4.7313_windows_x64.msi state: present when: ansible_distribution == 'Windows' - name: Copy new "managed.conf" file into the NXLog default config directory copy: src: config/managed.conf dest: C:\Program Files\nxlog\conf\nxlog.d\managed.conf owner: nxlog group: nxlog mode: '750' when: ansible_distribution == 'Windows' - name: Set nxlog service startup mode to auto and ensure it's started. win_service: name: nxlog state: restarted
-
Run the playbook.
$ ansible-playbook -i inventory -u root --ask-pass --ask-become-pass playbook.yml
According to the Setting up SSH keys section of the Ansible User Guide, "By default, Ansible assumes you are using SSH keys to connect to remote machines. SSH keys are encouraged …". This example illustrates which
ansible-playbook
flags are required if the more secure SSH public key pair authentication method is not an option. The--ask-pass
option enables the less secure SSH password authentication method.The Become directives page explains that the
--ask-become-pass
flag (or-K
for short) enables one to specify a password for sudo.