ubuntu - Logging BASH/Python scripts that Ansible runs on remote hosts

Tags: ubuntu logging ansible

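I have a playbook that copies a BASH/Python script to remote clients and then runs the script as a local user. A security auditor has asked me to save this action as a log on the Ansible server. Is there a simple way to keep a history record when Ansible runs a script on a remote host?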

- name: Test Playbook
  hosts: all
  gather_facts: false
  remote_user: ansible
  become: true

  tasks:
  - name: Copy test.sh file to remote host
    ansible.builtin.copy:
      src: /tmp/test.sh
      dest: /tmp
      owner: '{{ inventory_hostname }}'
      group: '{{ inventory_hostname }}'
      mode: '0755'   

  - name: Run test script
    ansible.builtin.command:
      cmd: "/tmp/test.sh"
    become_user: '{{ inventory_hostname }}'

I am very new to Ansible; any help is appreciated!

Best answer

Q: "Save this action as a log on the Ansible server."
A: You can use community.general.syslogger. For example, given the script

shell> cat /tmp/test.sh
#!/bin/sh
printf "$0: [OK] Completed."

The playbook copies the script to the remote hosts and runs it. The last task writes the registered results to the log on the Ansible server.

- name: Test Playbook
  hosts: all
  gather_facts: false

  tasks:
  - name: Copy test.sh file to remote host
    ansible.builtin.copy:
      src: /tmp/test.sh
      dest: /tmp
      mode: '0755'

  - name: Run test script
    ansible.builtin.command:
      cmd: /tmp/test.sh
    register: result

  - name: Send results to log
    community.general.syslogger:
      msg: "{{ item }} {{ hostvars[item].result }}"
    loop: "{{ ansible_play_hosts }}"
    delegate_to: localhost
    run_once: true

The default priority info is written to the file /var/log/syslog on Ubuntu

shell> tail -f /var/log/syslog
...
Apr  4 02:37:13 localhost python3[1429581]: ansible-community.general.syslogger Invoked with msg=host01 {'changed': True, 'stdout': '/tmp/test.sh: [OK] Completed.', 'stderr': '', 'rc': 0, 'cmd': ['/tmp/test.sh'], 'start': '2022-04-04 00:37:12.546699', 'end': '2022-04-04 00:37:12.560452', 'delta': '0:00:00.013753', 'msg': '', 'stdout_lines': ['/tmp/test.sh: [OK] Completed.'], 'stderr_lines': [], 'failed': False} ident=ansible_syslogger priority=info facility=daemon log_pid=False
Apr  4 02:37:13 localhost ansible_syslogger: host01 {'changed': True, 'stdout': '/tmp/test.sh: [OK] Completed.', 'stderr': '', 'rc': 0, 'cmd': ['/tmp/test.sh'], 'start': '2022-04-04 00:37:12.546699', 'end': '2022-04-04 00:37:12.560452', 'delta': '0:00:00.013753', 'msg': '', 'stdout_lines': ['/tmp/test.sh: [OK] Completed.'], 'stderr_lines': [], 'failed': False}
Apr  4 02:37:13 localhost python3[1429607]: ansible-community.general.syslogger Invoked with msg=host02 {'changed': True, 'stdout': '/tmp/test.sh: [OK] Completed.', 'stderr': '', 'rc': 0, 'cmd': ['/tmp/test.sh'], 'start': '2022-04-04 00:37:12.392564', 'end': '2022-04-04 00:37:12.409556', 'delta': '0:00:00.016992', 'msg': '', 'stdout_lines': ['/tmp/test.sh: [OK] Completed.'], 'stderr_lines': [], 'failed': False} ident=ansible_syslogger priority=info facility=daemon log_pid=False
Apr  4 02:37:13 localhost ansible_syslogger: host02 {'changed': True, 'stdout': '/tmp/test.sh: [OK] Completed.', 'stderr': '', 'rc': 0, 'cmd': ['/tmp/test.sh'], 'start': '2022-04-04 00:37:12.392564', 'end': '2022-04-04 00:37:12.409556', 'delta': '0:00:00.016992', 'msg': '', 'stdout_lines': ['/tmp/test.sh: [OK] Completed.'], 'stderr_lines': [], 'failed': False}
Apr  4 02:37:13 localhost python3[1429632]: ansible-community.general.syslogger Invoked with msg=host03 {'changed': True, 'stdout': '/tmp/test.sh: [OK] Completed.', 'stderr': '', 'rc': 0, 'cmd': ['/tmp/test.sh'], 'start': '2022-04-04 00:37:12.347653', 'end': '2022-04-04 00:37:12.367547', 'delta': '0:00:00.019894', 'msg': '', 'stdout_lines': ['/tmp/test.sh: [OK] Completed.'], 'stderr_lines': [], 'failed': False} ident=ansible_syslogger priority=info facility=daemon log_pid=False
Apr  4 02:37:13 localhost ansible_syslogger: host03 {'changed': True, 'stdout': '/tmp/test.sh: [OK] Completed.', 'stderr': '', 'rc': 0, 'cmd': ['/tmp/test.sh'], 'start': '2022-04-04 00:37:12.347653', 'end': '2022-04-04 00:37:12.367547', 'delta': '0:00:00.019894', 'msg': '', 'stdout_lines': ['/tmp/test.sh: [OK] Completed.'], 'stderr_lines': [], 'failed': False}
Adjust the parameters and format to your needs.

Playbook output

PLAY [Test Playbook] ***********************************************

TASK [Copy test.sh file to remote host] ****************************
ok: [host01]
ok: [host03]
ok: [host02]

TASK [Run test script] *********************************************
changed: [host03]
changed: [host02]
changed: [host01]

TASK [Send results to log] *****************************************
changed: [host01 -> localhost] => (item=host01)
changed: [host01 -> localhost] => (item=host02)
changed: [host01 -> localhost] => (item=host03)

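Q: "Is it possible to log the messages to a custom file?"
A: Sure, you can write the log messages yourself. For example

  - name: Write results to file
    # quote filter: the script's stdout is untrusted input to the shell on the control node
    ansible.builtin.shell: "echo {{ msg | quote }} >> mylog.ansible"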
    vars:
      msg: >-
        {{ '%B %d %H:%M:%S'|strftime }}
        {{ item }}
        {{ hostvars[item].result.stdout }}
    loop: "{{ ansible_play_hosts }}"
    delegate_to: localhost
    run_once: true

Writes to the file mylog.ansible

shell> tail -f mylog.ansible
April 04 07:13:28 host01 /tmp/test.sh: [OK] Completed.
April 04 07:13:29 host02 /tmp/test.sh: [OK] Completed.
April 04 07:13:29 host03 /tmp/test.sh: [OK] Completed.
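
An added example, not part of the original answer or of Ansible: a Python parser that turns the ansible_syslogger lines shown above into audit records and lists the failed runs. The sample lines are constructed, and the layout assumed is the one the playbook above produces (host name followed by the registered result).

```python
import ast
import re

# Constructed sample in the layout shown above: syslog header, ident, host, result dict.
SAMPLE = """\
Apr  4 02:37:13 localhost python3[1429581]: ansible-community.general.syslogger Invoked with msg=host01 {'rc': 0} ident=ansible_syslogger priority=info
Apr  4 02:37:13 localhost ansible_syslogger: host01 {'changed': True, 'stdout': '/tmp/test.sh: [OK] Completed.', 'rc': 0, 'cmd': ['/tmp/test.sh'], 'start': '2022-04-04 00:37:12.546699', 'end': '2022-04-04 00:37:12.560452', 'failed': False}
Apr  4 02:41:02 localhost ansible_syslogger: host02 {'changed': True, 'stdout': '', 'stderr': 'permission denied', 'rc': 1, 'cmd': ['/tmp/test.sh'], 'start': '2022-04-04 00:41:01.100000', 'end': '2022-04-04 00:41:01.200000', 'failed': True}
Apr  4 02:41:05 localhost ansible_syslogger: host03 {'changed': True, 'stdout': 'trunc
"""

# Only lines whose syslog tag is the module's ident; the "Invoked with" copy
# logged under python3[pid] does not match and is skipped.
HEADER = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ [\d:]{8}) \S+ ansible_syslogger(?:\[\d+\])?: "
    r"(?P<host>\S+) (?P<payload>.*)$"
)

def parse_audit(text):
    """Return (records, rejected) for ansible_syslogger lines in syslog text."""
    records, rejected = [], []
    for line in text.splitlines():
        m = HEADER.match(line)
        if not m:
            continue
        try:
            # The payload is a Python dict repr; literal_eval accepts literals only.
            result = ast.literal_eval(m["payload"])
            if not isinstance(result, dict):
                raise ValueError("payload is not a dict")
        except (ValueError, SyntaxError, TypeError):
            rejected.append(line)  # keep for manual review, e.g. a cut-off record
            continue
        records.append({
            "logged_at": m["ts"], "host": m["host"], "cmd": result.get("cmd"),
            "rc": result.get("rc"), "start": result.get("start"),
            "end": result.get("end"), "failed": bool(result.get("failed")),
        })
    return records, rejected

def failures(records):
    """Runs an auditor should look at first: failed flag set or non-zero rc."""
    return [r for r in records if r["failed"] or r["rc"] != 0]

if __name__ == "__main__":
    recs, bad = parse_audit(SAMPLE)
    for r in recs:
        print(r)
    print("failed:", [r["host"] for r in failures(recs)], "rejected:", len(bad))
```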

Regarding "ubuntu - Logging BASH/Python scripts that Ansible runs on remote hosts", we found a similar question on Stack Overflow: https://stackoverflow.com/questions/71730427/
