Installing Logentries Using Ansible

Last updated at Mon, 06 Nov 2017 18:31:15 GMT

*This post was written by Logentries customer Richard van den Brand, Software Engineer at Waarneembemiddeling.nl, where he is responsible for developing and maintaining their Symfony2 applications and infrastructure. *

In this short tutorial I’ll describe the steps required to install the Logentries agent using Ansible.

This tutorial assumes you have some basic knowledge about Ansible and how to use playbooks and roles. If you’re unfamiliar with these topics please consult the Ansible documentation.

Example Playbook

Consider the following directory structure, representing an example playbook as starting point, based on the Ansible best practices:

. |-- group_vars | `-- all.yml |-- hosts_vars | `-- web1.example.com.yml |-- production |-- roles `-- site.yml

We assume there is one server here, web1.example.com, and the production inventory file contains the following:

[web] web1.example.com

The site.yml file contains one example task:

---
- name: Ping ping
  hosts: all
  tasks:
  - shell: ping -c 1 google.com

Installing the Role

To install the role use the ansible-galaxy commandline utility:

$ ansible-galaxy install ricbra.logentries -p ./roles

When the downloading and installation of the role is done, the directory structure will look like this:

. |-- group_vars | `-- all.yml |-- hosts_vars | `-- web1.example.com.yml |-- production |-- roles | `-- ricbra.logentries | |-- README.md | |-- defaults | | `-- main.yml | |-- handlers | | `-- main.yml | |-- meta | | `-- main.yml | |-- tasks | | `-- main.yml | |-- templates | | `-- centos6.repo.j2 | `-- vars | |-- Debian.yml | |-- RedHat_6.yml | |-- Ubuntu.yml | `-- main.yml `-- site.yml

Configuring the Role

Now we have downloaded the role we need to assign it to a host so that it will be installed next time we execute the playbook. Let’s start with configuring the account key. As this will be the same for all hosts I choose to place this in the all.yml file.

The contents of this file looks like:

---
logentries_account_key: "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxx"

Now let’s configure the logs we want to follow on our host. For this example we’re going to follow the authentication log located in /var/log/auth.log. As the logs to follow vary per host I configure this in the specific variable file for web1.example.com. You are free to register this in the variable file of your choice, whatever suites your needs.

The contents of the web1.example.com.yml file:

---
logentries_logs:
  - name: "Authentication"
    path: "/var/log/auth.log"

The last step is assinging the logentries role to our host. We do this in the main playbook site.yml:

---
- name: Install logentries
  hosts: all
  roles:
  - ricbra.logentries

Executing the Playbook

All that rests now is executing the playbook (the fun part):

$ ansible-playbook -i production site.yml PLAY [Ping ping] ************************************************************** GATHERING FACTS *************************************************************** ok: [web1.example.com] TASK: [shell ping -c 1 google.com] ******************************************** changed: [web1.example.com] PLAY [Install logentries] ***************************************************** GATHERING FACTS *************************************************************** ok: [web1.example.com] TASK: [ricbra.logentries | Set OS dependent variables] ************************ ok: [web1.example.com] => (item=/Users/ricbra/projects/ansibletest/roles/ricbra.logentries/vars/Ubuntu.yml) TASK: [ricbra.logentries | OS is supported] *********************************** ok: [web1.example.com] TASK: [ricbra.logentries | Add APT keys] ************************************** changed: [web1.example.com] => (item={'id': 'C43C79AD', 'value': 'pgp.mit.edu', 'method': 'keyserver'}) TASK: [ricbra.logentries | Add APT repositories] ****************************** changed: [web1.example.com] => (item=deb http://rep.logentries.com/ trusty main) TASK: [ricbra.logentries | Install prequesites for RedHat] ******************** skipping: [web1.example.com] TASK: [ricbra.logentries | Copy repo template] ******************************** skipping: [web1.example.com] TASK: [ricbra.logentries | Install packages YUM] ****************************** skipping: [web1.example.com] TASK: [ricbra.logentries | Install packages APT] ****************************** changed: [web1.example.com] => (item=curl,logentries,python-setproctitle) TASK: [ricbra.logentries | Check if host is registered] *********************** failed: [web1.example.com] => {"changed": false, "cmd": ["le", "whoami"], "delta": "0:00:00.059979", "end": "2015-02-10 20:15:24.363403", "rc": 3, "start": "2015-02-10 20:15:24.303424", "stdout_lines": [], "warnings": []} stderr: Host key is required. Register the host or specify the host key with the --host-key parameter. ...ignoring TASK: [ricbra.logentries | Register host] ************************************* changed: [web1.example.com] TASK: [ricbra.logentries | Install logentries daemon APT] ********************* changed: [web1.example.com] TASK: [ricbra.logentries | Install logentries daemon YUM] ********************* skipping: [web1.example.com] TASK: [ricbra.logentries | Follow logs] *************************************** skipping: [web1.example.com] PLAY RECAP ******************************************************************** web1.example.com : ok=9 changed=5 unreachable=0 failed=0

Now log in at logentries.com and verify if the new host and logs are present. You can contact Richard directly @_ricbra or richard@vandenbrand.org.