Linux - Auditbeat

Description

This playbook uses the mon-elastic-beat-auditbeat role to ensure that Auditbeat is installed.
This role ensures the correct version of Auditbeat is installed, handles custom configurations based on host or group-specific requirements, and manages system services like auditd to avoid conflicts.
The role supports CentOS/RHEL 7 and 8, applying specific configurations such as masking auditd sockets or adding socket_type for Auditbeat. It integrates with a Git repository to fetch configuration files and uses conditional logic to apply the appropriate Auditbeat configuration. The role also manages systemd overrides for Elastic nodes and ensures Auditbeat is enabled and started. Debugging and logging are included for better traceability.

Credentials

None

Input

Variable	Description
`target`	Target host or group for the playbook.

Output

None

Linux - Auditbeat

Description

Credentials

Input

Output

Dependencies