Hi, Am 13.04.2017 um 13:20 schrieb ishan jain: > Is there a way in Ansible to create a host level interceptor which does > 'something' in case ansible-playbook command is invoked ? > What i am trying to do here is to get informed periodically about > 'ansible-playbook' command invocations anywhere on my host. There are a > large number of users and playbooks on my host now and as any of them > are capable of changing my target machines,
Sorry but that approach sounds dubious. Solution: don't let everybody, anytime change your "target machines". (Welcome to the world of change management.) > i need to know/track all > ansible-playbook triggers. Parsing the logs can get tedious. I was > thinking maybe there is a way in Ansible to record all commands invoked > in a file that i can then read and know only what playbooks are executed. If you want audits and RBAC: primary choice, obviously, look at Ansible Tower -- if you have only 10 hosts or less; or enough money. secondary choices, if your budget is restricted but you have enough time to fiddle yourself have a look at Openstack Ara and/or Rundeck and/or Jenkins Regards, Benjamin -- FSU Jena | JULIELab.de/Staff/Benjamin+Redling.html vox: +49 3641 9 44323 | fax: +49 3641 9 44321 -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/ad785afd-8f0c-9b79-91fc-e47f9f371a9e%40uni-jena.de. For more options, visit https://groups.google.com/d/optout.
