Skip to content
/ Corelight-Ansible-Roles Public

Corelight-Ansible-Roles are a collection of Ansible Roles and playbooks that install, configure, run and manage a variety of Corelight, Suricata and Zeek solutions.

15 stars 4 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

corelight/Corelight-Ansible-Roles

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

218 Commits
common
common
 
 
docs
docs
 
 
playbooks-additional
playbooks-additional
 
 
playbooks-wip
playbooks-wip
 
 
roles
roles
 
 
scripts-additional
scripts-additional
 
 
scripts-initial-setup
scripts-initial-setup
 
 
scripts
scripts
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
download-run-me-first.sh
download-run-me-first.sh
 
 
install-config-all-main-host.yml
install-config-all-main-host.yml
 
 
install-config-all-software-sensor.yml
install-config-all-software-sensor.yml
 
 
release-notes.md
release-notes.md
 
 
software-sensor-reconfig-all.yml
software-sensor-reconfig-all.yml
 
 
suricata-cron-job-reconfig.yml
suricata-cron-job-reconfig.yml
 
 
suricata-update-reconfig-all.yml
suricata-update-reconfig-all.yml
 
 
suricata-update-reconfig-host.yml
suricata-update-reconfig-host.yml
 
 
suricata-update-reconfig-select.yml
suricata-update-reconfig-select.yml
 
 
suricata-update-run-all.yml
suricata-update-run-all.yml
 
 
suricata-update-run-host.yml
suricata-update-run-host.yml
 
 

Repository files navigation

Corelight-Ansible-Roles

Caution: Before you run this version, if you are upgrading, some variable names and locations have changed

To get started, simply run this command:

source <( curl https://raw.githubusercontent.com/corelight/Corelight-Ansible-Roles/main/download-run-me-first.sh)

This product includes GeoLite2 data created by MaxMind, available from https://www.maxmind.com. You can sign up for free and get a license key from https://www.maxmind.com/en/geolite2/signup

Corelight-Ansible-Roles are a collection of roles and playbooks to install, configure, run and manage a variety of Corelight ans Zeek solutions. To include:

  • Rules Management for Corelight-Suricata, including Fleet managed sensors (Suricata integration into a Corelight sensor)
  • Creates and manages cron jobs for Suricata-update
  • Input Framework Management for all Corelight sensors, including Fleet managed sensors
  • Intel Framework Management for all Corelight sensors (coming soon)
  • Zeek Package Management for all Corelight sensors (currently only creates a bundle for Fleet managed sensors)
  • Full management of Corelight Software sensors (install, configure and maintain)
  • Automatically installs or upgrades and configures all dependent applications in Python3 virtual environments.
    • Global installations include:
      • Python3
      • Python3-venv
      • git
    • Isolated python venv installations include:
      • Python3-pip
      • Ansible (on a remote host)
      • zkg (Zeek Package Manager)
      • Corelight-client
      • Suricata-update
      • Corelight Software Sensor

Full Documentation coming soon

About

Corelight-Ansible-Roles are a collection of Ansible Roles and playbooks that install, configure, run and manage a variety of Corelight, Suricata and Zeek solutions.

Topics

ansible suricata zeek corelight software-sensor corelight-suricata

Resources

Readme
Activity
Custom properties

Stars

15 stars

Watchers

6 watching

Forks

4 forks
Report repository

Releases 2

Corelight-Ansible-Roles Collection Latest
Feb 27, 2021
+ 1 release

Packages

No packages published

Languages