Logging AAP information on a target system

Logging AAP information on a target system

Magnus Glantz Magnus Glantz

Magnus Glantz

Principal Specialist Solution Architect at Red Hat | author | spokesperson | linux | k8s | ansible | security

发布日期: 2024年8月12日
+ 关注

A customer of mine recently requested a new feature, which was added about a month ago. It adds a new configuration item called TARGET_LOG_INFO to Ansible Core 2.17.1.

This allows you to append any arbitrary information to the target system log. Most interestingly, is that you can use this, to add things like awx_job_id or awx_user_id to the target systems log, meaning the audit trail from a target system can more easily get connected to a specific Ansible Automation Platform job_id or user_id, or any other thing you have in mind.

Here's how you get that to work:

  • Use the latest execution environment (2.17.2) which bundles Ansible Core 2.17.2. Example below:

---
- name: Check if a server is alive
  hosts: all
  tasks:
  - name: Set TARGET_LOG_INFO
    ansible.builtin.set_fact:
      ansible_target_log_info: "aap_job_id = {{ awx_job_id }} aap_user_id = {{ awx_user_id }} runs:"
  
  - name: Log into the server and check that the ping modules returns output
    ansible.builtin.ping:
      data: pong from Ansible

  • Create a job template which uses the latest execution environment and above playbook.


  • Run the job template and check /var/log/messages or journalctl on the target system:


That was all! Enjoy :)


要查看或添加评论,请登录

Magnus Glantz的更多文章

  • Public cloud exit - for dummies
    2025年2月19日

    Public cloud exit - for dummies

    Welcome, by reading this you will better understand the challenges related to changing a public cloud provider for…

    17 条评论
  • We need to redefine what a broken system looks like
    2024年11月29日

    We need to redefine what a broken system looks like

    We have a problem of a cultural kind, which will become painstakingly obvious when new security legislation such as…

    6 条评论
  • Protecting Ansible code and inventories using signing!
    2024年4月22日

    Protecting Ansible code and inventories using signing!

    This is an article on how to use ansible-sign and Ansible Automation Platform to mitigate risk for supply chain attacks…

    13 条评论
  • YubiKey 2FA for Fedora 39
    2024年1月15日

    YubiKey 2FA for Fedora 39

    This is a step-by-step guide on how to enable YubiKey 2FA for your Fedora 39 :) As preparations for a talk on Zero…

    4 条评论
  • DALL-E: Make it more open source!
    2023年11月29日

    DALL-E: Make it more open source!

    It's a popular trend, so let's give it a try. Let's ask DALL-E to make something more and more and more open source…

    9 条评论
  • Analysis: Generative AI and automation: Part 1
    2023年10月30日

    Analysis: Generative AI and automation: Part 1

    Hello there, My social media is getting filled to the brim with influencers which are letting me know that some new AI…

    7 条评论
  • The secret behind Fedora, CentOS and RHEL
    2023年6月30日

    The secret behind Fedora, CentOS and RHEL

    I hope you slept well the past week. I was kept awake by constant discussions and thoughts ;) In an attempt to answer…

    62 条评论
  • The problem with Rocky Linux and free beer
    2023年6月22日

    The problem with Rocky Linux and free beer

    Recent changes to how Red Hat publishes the source code for Red Hat Enterprise Linux has raised discussions about Red…

    299 条评论
  • Event driven automation with Ansible
    2022年11月2日

    Event driven automation with Ansible

    What is this all about? Just a few weeks ago we have had a new significant development in the Ansible space, it is the…

    9 条评论
  • Open Source and the SolarWinds hack
    2020年12月17日

    Open Source and the SolarWinds hack

    By now, I'm guessing that you may have heard about the SolarWinds hack, often referred to as SunBurst. An assumed…

    17 条评论

社区洞察

其他会员也浏览了