splunk user group - automating splunk with ansible
DESCRIPTION
A talk I gave at the London Splunk User Group in July of 2014. A brief overview of why choose Ansible over the other options, then some live demos of configuring certain bits of Splunk with Ansible. Intended to be a taster of what's possible. All the Ansible playbooks are shared on Github, the link to which is in the presentation.TRANSCRIPT
Automating Splunk Configuration
Mark Phillips
Topics• Which tool?
• Demo: Configuration storage
• Demo: Enabling forwarding
• Demo: Installing and managing forwarders
• Demo: Maintaining apps
About Me
• Linux tinkerer since 1992
• Automating stuff since 1993
• “Done time” in small organisations through to Investment Banks
• I’m lazy
–Albert Einstein
“Make everything as simple as possible, but not simpler”
Infrastructure as code
Ansible• Agent less
• SSH for transport
• Common language - YAML
• Easy to learn quickly
Learn More• Slides from DevOps Cardif (Puppet vs Chef vs Ansible)
• Blog post I wrote last year
• Splunk's recent blog on Splunk + Ansible
• Get started with Ansible
El Reg: "Are your servers PETS or CATTLE?"
(The Splunk GUI is fine for managing a small estate)
(But as you get larger, really you need more help: automation)
Demos
Github repo used to build the demos: http://github.com/phips/splunkbox/tree/jldemo