An Ansible role to install a Datadog agent check for Lynis, an open source security auditing tool.
requirements.yml:
- src: Datadog.datadog
version: 4.2.1
- src: infothrill.datadog_check_lynis
version: v3.0.0
Install:
ansible-galaxy install -r requirements.yml -p ./roles/
Playbook:
- hosts: servers
roles:
- role: Datadog.datadog
- role: ansible-role-datadog_check_lynis
To configure the check, please use the Datadog.datadog role and add an entry
in the checks dictionary there:
lynis:
init_config:
instances:
- metrics:
- hardening_index
- installed_packages
- lynis_tests_done
report: /var/log/lynis/report.dat
| variable | default | description |
|---|---|---|
| ddagent_user | dd-agent | agent user |
| ddagent_group | dd-agent | agent group |
In principle, this role can be run standalone, however it is only tested together with the role Datadog.datadog. The recommended approach would be to:
- install datadog using the upstream role
- configure the check using the upstream role
- run this role to deploy the check plugin only
MIT
This role was created in 2017 by Paul Kremer.
- Drop python 3.6 test support
- Add python 3.7, 3.8, 3.9 test support
- Upgrade molecule to 3.x
- Drop ansible 2.8 support
- Add ansible 2.10, 3.0 support
- Renamed role to
datadog_check_lynis - Drop support for ansible EOL versions 2.5, 2.6, 2.7
- Add support for agent
> 6(python 3+), and drop support for older versions - Drop Centos / EL7
- Add test for Ubuntu focal (20.04)
- Add support for ansible 2.6, 2.7, 2.8, 2.9
- Drop support for ansible EOL versions 2.2, 2.3, 2.4
- Drop support for python2
- Drop support for EL6 , ubuntu trusty 14.04
- Add testing support for ansible 2.8
- Upgrade ansible-lint, molecule and docker dependencies for testing
- Auto-detect agent5/6 configuration directory (backwards compatible)
- Add support for EL 6,7
- Optimize molecule test
- Upgrade molecule
- Fix meta/main.yml to reflect correct values
- remove ansible 2.1 and add ansible 2.5
- upgrade molecule
- remove unused files and outcommented code
- initial release