2024-03-20 13:45:58 +01:00
|
|
|
---
|
|
|
|
- name: Install audit
|
|
|
|
ansible.builtin.apt:
|
|
|
|
name: auditd
|
|
|
|
state: latest
|
|
|
|
notify:
|
|
|
|
- Start auditd
|
|
|
|
- Enable auditd
|
2024-03-22 23:47:35 +01:00
|
|
|
when: ansible_facts['os_family'] == "Debian"
|
|
|
|
|
|
|
|
- name: Install audit
|
|
|
|
ansible.builtin.dnf:
|
|
|
|
name: audit
|
|
|
|
state: latest
|
|
|
|
notify:
|
|
|
|
- Start auditd
|
|
|
|
- Enable auditd
|
|
|
|
when: ansible_facts['os_family'] == "RedHat"
|
2024-03-20 13:45:58 +01:00
|
|
|
|
|
|
|
- name: Add rules
|
|
|
|
ansible.builtin.copy:
|
|
|
|
src: 'custom.rules'
|
|
|
|
dest: '/etc/audit/rules.d/custom.rules'
|
|
|
|
mode: "0640"
|