I have a playbook that is designed to run a compliance on a firewall. However my knowledge of ansible does not extend to configuring variables and conditional statements …
This is my github site which has a yaml file used to run the compliance check
https://github.com/gefela/ansible_junos
This is what I what to achieve
• If the task ( Syslog server check) is run against the firewall and the output is similar to the content of files/syslog_config … A pass message( i.e This control Syslog server check has been marked as a PASS compliance check) should be printed out and hence captured by Splunk or Elasticsearch.
• However if the task ( Syslog server check) is run against the firewall and the output is different to the content of files/syslog_config . A failure message ( i.e This control Syslog server check has been marked as a Failure and the following lines of configuration is missing (set system syslog host 192.168.100.70 source-address “{{ inventory_hostname }}”.) should be printed out and hence captured by Splunk / ELK.
• In some scenarios , ( Which is not part of the yaml file at the moment ) , the task ( i.e the control check ) might be a configuration line that needs to be absent from the firewall. In this case , a pass message would be printed out if not found.
What extra line of code ( i.e conditionals statements ) do I need to add to the yaml file to make this work ?
I have been advised to add this code but it does not work …
- debug:
var: task- name: print success
debug:
msg: syslog configuration - OK
when: not {{ task.changed }}
- name: print failed
debug:
msg: syslog configuration - failed
when: “{{ task.changed }}”
Please help