Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- TASK [splunk_common : Detect service name] *************************************
- included: /opt/ansible/roles/splunk_common/tasks/get_facts_service_name.yml for localhost
- Monday 05 February 2024 16:38:10 +0000 (0:00:00.087) 0:00:05.883 *******
- TASK [splunk_common : Setting service_name fact from config] *******************
- ok: [localhost]
- Monday 05 February 2024 16:38:11 +0000 (0:00:00.098) 0:00:05.982 *******
- Monday 05 February 2024 16:38:11 +0000 (0:00:00.052) 0:00:06.035 *******
- Monday 05 February 2024 16:38:11 +0000 (0:00:00.055) 0:00:06.091 *******
- Monday 05 February 2024 16:38:11 +0000 (0:00:00.051) 0:00:06.143 *******
- Monday 05 February 2024 16:38:11 +0000 (0:00:00.054) 0:00:06.197 *******
- Monday 05 February 2024 16:38:11 +0000 (0:00:00.053) 0:00:06.250 *******
- TASK [splunk_common : include_tasks] *******************************************
- included: /opt/ansible/roles/splunk_common/tasks/change_splunk_directory_owner.yml for localhost
- Monday 05 February 2024 16:38:11 +0000 (0:00:00.141) 0:00:06.392 *******
- TASK [splunk_common : Update Splunk directory owner] ***************************
- ok: [localhost]
- Monday 05 February 2024 16:38:15 +0000 (0:00:03.828) 0:00:10.220 *******
- TASK [splunk_common : include_tasks] *******************************************
- included: /opt/ansible/roles/splunk_common/tasks/update_etc.yml for localhost
- Monday 05 February 2024 16:38:15 +0000 (0:00:00.111) 0:00:10.332 *******
- TASK [splunk_common : Check if /sbin/updateetc.sh exists] **********************
- ok: [localhost]
- Monday 05 February 2024 16:38:15 +0000 (0:00:00.491) 0:00:10.824 *******
- TASK [splunk_common : Update /opt/splunk/etc] **********************************
- ok: [localhost]
- Monday 05 February 2024 16:38:16 +0000 (0:00:00.662) 0:00:11.486 *******
- Monday 05 February 2024 16:38:16 +0000 (0:00:00.082) 0:00:11.568 *******
- Monday 05 February 2024 16:38:16 +0000 (0:00:00.084) 0:00:11.652 *******
- Monday 05 February 2024 16:38:16 +0000 (0:00:00.077) 0:00:11.730 *******
- Monday 05 February 2024 16:38:16 +0000 (0:00:00.073) 0:00:11.804 *******
- TASK [splunk_common : include_tasks] *******************************************
- included: /opt/ansible/roles/splunk_common/tasks/remove_first_login.yml for localhost
- Monday 05 February 2024 16:38:16 +0000 (0:00:00.094) 0:00:11.898 *******
- TASK [splunk_common : Create .ui_login] ****************************************
- ok: [localhost]
- Monday 05 February 2024 16:38:17 +0000 (0:00:00.512) 0:00:12.411 *******
- Monday 05 February 2024 16:38:17 +0000 (0:00:00.051) 0:00:12.462 *******
- TASK [splunk_common : include_tasks] *******************************************
- included: /opt/ansible/roles/splunk_common/tasks/set_splunk_secret.yml for localhost
- Monday 05 February 2024 16:38:17 +0000 (0:00:00.101) 0:00:12.564 *******
- Monday 05 February 2024 16:38:17 +0000 (0:00:00.052) 0:00:12.616 *******
- Monday 05 February 2024 16:38:17 +0000 (0:00:00.057) 0:00:12.674 *******
- TASK [splunk_common : include_tasks] *******************************************
- included: /opt/ansible/roles/splunk_common/tasks/enable_admin_auth.yml for localhost
- Monday 05 February 2024 16:38:17 +0000 (0:00:00.143) 0:00:12.818 *******
- Monday 05 February 2024 16:38:17 +0000 (0:00:00.072) 0:00:12.891 *******
- Monday 05 February 2024 16:38:18 +0000 (0:00:00.076) 0:00:12.967 *******
- Monday 05 February 2024 16:38:18 +0000 (0:00:00.073) 0:00:13.040 *******
- Monday 05 February 2024 16:38:18 +0000 (0:00:00.075) 0:00:13.115 *******
- Monday 05 February 2024 16:38:18 +0000 (0:00:00.074) 0:00:13.190 *******
- Monday 05 February 2024 16:38:18 +0000 (0:00:00.074) 0:00:13.264 *******
- Monday 05 February 2024 16:38:18 +0000 (0:00:00.039) 0:00:13.303 *******
- TASK [splunk_common : include_tasks] *******************************************
- included: /opt/ansible/roles/splunk_common/tasks/pre_splunk_start_commands.yml for localhost
- Monday 05 February 2024 16:38:18 +0000 (0:00:00.107) 0:00:13.411 *******
- Monday 05 February 2024 16:38:18 +0000 (0:00:00.092) 0:00:13.504 *******
- TASK [splunk_common : include_tasks] *******************************************
- included: /opt/ansible/roles/splunk_common/tasks/enable_s2s.yml for localhost
- Monday 05 February 2024 16:38:18 +0000 (0:00:00.114) 0:00:13.619 *******
- Monday 05 February 2024 16:38:18 +0000 (0:00:00.076) 0:00:13.696 *******
- TASK [splunk_common : include_tasks] *******************************************
- included: /opt/ansible/roles/splunk_common/tasks/s2s/configure_splunktcp.yml for localhost
- Monday 05 February 2024 16:38:18 +0000 (0:00:00.111) 0:00:13.807 *******
- TASK [splunk_common : Enable splunktcp input] **********************************
- ok: [localhost]
- Monday 05 February 2024 16:38:19 +0000 (0:00:00.689) 0:00:14.497 *******
- TASK [splunk_common : Remove splunktcp-ssl input] ******************************
- changed: [localhost]
- Monday 05 February 2024 16:38:20 +0000 (0:00:00.472) 0:00:14.970 *******
- TASK [splunk_common : Remove input SSL settings] *******************************
- changed: [localhost]
- Monday 05 February 2024 16:38:20 +0000 (0:00:00.476) 0:00:15.447 *******
- TASK [splunk_common : Reset root CA] *******************************************
- ok: [localhost]
- Monday 05 February 2024 16:38:20 +0000 (0:00:00.453) 0:00:15.900 *******
- TASK [splunk_common : include_tasks] *******************************************
- included: /opt/ansible/roles/splunk_common/tasks/trigger_restart.yml for localhost
- Monday 05 February 2024 16:38:21 +0000 (0:00:00.082) 0:00:15.983 *******
- TASK [splunk_common : include_tasks] *******************************************
- included: /opt/ansible/roles/splunk_common/tasks/get_splunk_status.yml for localhost
- Monday 05 February 2024 16:38:21 +0000 (0:00:00.064) 0:00:16.048 *******
- TASK [splunk_common : Restrict permissions on splunk.key for Status] ***********
- included: /opt/ansible/roles/splunk_common/tasks/restrict_permissions.yml for localhost => (item=/opt/splunk/var/lib/splunk/kvstore/mongo/splunk.key)
- Monday 05 February 2024 16:38:21 +0000 (0:00:00.074) 0:00:16.122 *******
- TASK [splunk_common : Check if /opt/splunk/var/lib/splunk/kvstore/mongo/splunk.key exists] ***
- ok: [localhost]
- Monday 05 February 2024 16:38:21 +0000 (0:00:00.452) 0:00:16.575 *******
- TASK [splunk_common : Restrict permissions on /opt/splunk/var/lib/splunk/kvstore/mongo/splunk.key] ***
- ok: [localhost]
- Monday 05 February 2024 16:38:22 +0000 (0:00:00.479) 0:00:17.054 *******
- TASK [splunk_common : Get Splunk status] ***************************************
- ok: [localhost]
- Monday 05 February 2024 16:38:22 +0000 (0:00:00.451) 0:00:17.506 *******
- TASK [splunk_common : Trigger restart] *****************************************
- ok: [localhost]
- Monday 05 February 2024 16:38:23 +0000 (0:00:00.476) 0:00:17.983 *******
- Monday 05 February 2024 16:38:23 +0000 (0:00:00.050) 0:00:18.033 *******
- Monday 05 February 2024 16:38:23 +0000 (0:00:00.078) 0:00:18.111 *******
- TASK [splunk_common : include_tasks] *******************************************
- included: /opt/ansible/roles/splunk_common/tasks/set_mgmt_port.yml for localhost
- Monday 05 February 2024 16:38:23 +0000 (0:00:00.109) 0:00:18.220 *******
- TASK [splunk_common : Set mgmt port] *******************************************
- ok: [localhost]
- Monday 05 February 2024 16:38:23 +0000 (0:00:00.468) 0:00:18.689 *******
- Monday 05 February 2024 16:38:23 +0000 (0:00:00.057) 0:00:18.747 *******
- Monday 05 February 2024 16:38:23 +0000 (0:00:00.039) 0:00:18.786 *******
- Monday 05 February 2024 16:38:23 +0000 (0:00:00.077) 0:00:18.864 *******
- Monday 05 February 2024 16:38:24 +0000 (0:00:00.080) 0:00:18.945 *******
- Monday 05 February 2024 16:38:24 +0000 (0:00:00.088) 0:00:19.034 *******
- TASK [splunk_common : include_tasks] *******************************************
- included: /opt/ansible/roles/splunk_common/tasks/enable_splunkd_ssl.yml for localhost
- Monday 05 February 2024 16:38:24 +0000 (0:00:00.123) 0:00:19.157 *******
- TASK [splunk_common : Enable Splunkd SSL] **************************************
- ok: [localhost]
- Monday 05 February 2024 16:38:24 +0000 (0:00:00.486) 0:00:19.643 *******
- Monday 05 February 2024 16:38:24 +0000 (0:00:00.040) 0:00:19.684 *******
- Monday 05 February 2024 16:38:24 +0000 (0:00:00.040) 0:00:19.725 *******
- Monday 05 February 2024 16:38:24 +0000 (0:00:00.039) 0:00:19.764 *******
- Monday 05 February 2024 16:38:24 +0000 (0:00:00.038) 0:00:19.803 *******
- Monday 05 February 2024 16:38:24 +0000 (0:00:00.086) 0:00:19.890 *******
- Monday 05 February 2024 16:38:25 +0000 (0:00:00.087) 0:00:19.978 *******
- Monday 05 February 2024 16:38:25 +0000 (0:00:00.040) 0:00:20.018 *******
- TASK [splunk_common : include_tasks] *******************************************
- included: /opt/ansible/roles/splunk_common/tasks/start_splunk.yml for localhost
- Monday 05 February 2024 16:38:25 +0000 (0:00:00.123) 0:00:20.142 *******
- TASK [splunk_common : include_tasks] *******************************************
- included: /opt/ansible/roles/splunk_common/tasks/get_splunk_status.yml for localhost
- Monday 05 February 2024 16:38:25 +0000 (0:00:00.059) 0:00:20.202 *******
- TASK [splunk_common : Restrict permissions on splunk.key for Status] ***********
- included: /opt/ansible/roles/splunk_common/tasks/restrict_permissions.yml for localhost => (item=/opt/splunk/var/lib/splunk/kvstore/mongo/splunk.key)
- Monday 05 February 2024 16:38:25 +0000 (0:00:00.072) 0:00:20.274 *******
- TASK [splunk_common : Check if /opt/splunk/var/lib/splunk/kvstore/mongo/splunk.key exists] ***
- ok: [localhost]
- Monday 05 February 2024 16:38:25 +0000 (0:00:00.488) 0:00:20.762 *******
- TASK [splunk_common : Restrict permissions on /opt/splunk/var/lib/splunk/kvstore/mongo/splunk.key] ***
- ok: [localhost]
- Monday 05 February 2024 16:38:26 +0000 (0:00:00.459) 0:00:21.222 *******
- TASK [splunk_common : Get Splunk status] ***************************************
- ok: [localhost]
- Monday 05 February 2024 16:38:26 +0000 (0:00:00.450) 0:00:21.672 *******
- TASK [splunk_common : Cleanup Splunk runtime files] ****************************
- ok: [localhost] => (item=/opt/splunk/var/run/splunk/splunkd.pid)
- changed: [localhost] => (item=/opt/splunk/var/lib/splunk/kvstore/mongo/mongod.lock)
- Monday 05 February 2024 16:38:27 +0000 (0:00:00.866) 0:00:22.539 *******
- TASK [splunk_common : Restrict permissions on splunk.key] **********************
- included: /opt/ansible/roles/splunk_common/tasks/restrict_permissions.yml for localhost => (item=/opt/splunk/var/lib/splunk/kvstore/mongo/splunk.key)
- Monday 05 February 2024 16:38:27 +0000 (0:00:00.077) 0:00:22.616 *******
- TASK [splunk_common : Check if /opt/splunk/var/lib/splunk/kvstore/mongo/splunk.key exists] ***
- ok: [localhost]
- Monday 05 February 2024 16:38:28 +0000 (0:00:00.480) 0:00:23.096 *******
- TASK [splunk_common : Restrict permissions on /opt/splunk/var/lib/splunk/kvstore/mongo/splunk.key] ***
- ok: [localhost]
- Monday 05 February 2024 16:38:28 +0000 (0:00:00.481) 0:00:23.578 *******
- TASK [splunk_common : Start Splunk via CLI] ************************************
- changed: [localhost]
- Monday 05 February 2024 16:39:01 +0000 (0:00:32.446) 0:00:56.025 *******
- Monday 05 February 2024 16:39:01 +0000 (0:00:00.041) 0:00:56.066 *******
- Monday 05 February 2024 16:39:01 +0000 (0:00:00.041) 0:00:56.108 *******
- TASK [splunk_common : Wait for splunkd management port] ************************
- ok: [localhost]
- Monday 05 February 2024 16:39:01 +0000 (0:00:00.700) 0:00:56.809 *******
- Monday 05 February 2024 16:39:01 +0000 (0:00:00.019) 0:00:56.829 *******
- TASK [splunk_common : include_tasks] *******************************************
- included: /opt/ansible/roles/splunk_common/tasks/set_certificate_prefix.yml for localhost
- Monday 05 February 2024 16:39:02 +0000 (0:00:00.124) 0:00:56.953 *******
- TASK [splunk_common : Test basic https endpoint] *******************************
- ok: [localhost]
- Monday 05 February 2024 16:39:03 +0000 (0:00:01.291) 0:00:58.245 *******
- TASK [splunk_common : Set url prefix for future REST calls] ********************
- ok: [localhost]
- Monday 05 February 2024 16:39:03 +0000 (0:00:00.120) 0:00:58.366 *******
- TASK [splunk_common : include_tasks] *******************************************
- included: /opt/ansible/roles/splunk_common/tasks/clean_user_seed.yml for localhost
- Monday 05 February 2024 16:39:03 +0000 (0:00:00.172) 0:00:58.539 *******
- TASK [splunk_common : Remove user-seed.conf] ***********************************
- ok: [localhost]
- Monday 05 February 2024 16:39:04 +0000 (0:00:00.502) 0:00:59.041 *******
- TASK [splunk_common : include_tasks] *******************************************
- included: /opt/ansible/roles/splunk_common/tasks/add_splunk_license.yml for localhost
- Monday 05 February 2024 16:39:04 +0000 (0:00:00.163) 0:00:59.205 *******
- TASK [splunk_common : Initialize licenses array] *******************************
- ok: [localhost]
- Monday 05 February 2024 16:39:04 +0000 (0:00:00.125) 0:00:59.330 *******
- TASK [splunk_common : Determine available licenses] ****************************
- ok: [localhost] => (item=splunk.lic)
- Monday 05 February 2024 16:39:04 +0000 (0:00:00.114) 0:00:59.445 *******
- TASK [splunk_common : Apply licenses] ******************************************
- included: /opt/ansible/roles/splunk_common/tasks/apply_licenses.yml for localhost => (item=splunk.lic)
- Monday 05 February 2024 16:39:04 +0000 (0:00:00.128) 0:00:59.573 *******
- Monday 05 February 2024 16:39:04 +0000 (0:00:00.080) 0:00:59.653 *******
- Monday 05 February 2024 16:39:04 +0000 (0:00:00.081) 0:00:59.735 *******
- Monday 05 February 2024 16:39:04 +0000 (0:00:00.043) 0:00:59.779 *******
- TASK [splunk_common : include_tasks] *******************************************
- included: /opt/ansible/roles/splunk_common/tasks/licenses/add_license.yml for localhost
- Monday 05 February 2024 16:39:04 +0000 (0:00:00.116) 0:00:59.895 *******
- Monday 05 February 2024 16:39:05 +0000 (0:00:00.053) 0:00:59.949 *******
- TASK [splunk_common : Ensure license path] *************************************
- ok: [localhost]
- Monday 05 February 2024 16:39:05 +0000 (0:00:00.475) 0:01:00.425 *******
- Monday 05 February 2024 16:39:05 +0000 (0:00:00.039) 0:01:00.464 *******
- Monday 05 February 2024 16:39:05 +0000 (0:00:00.040) 0:01:00.505 *******
- Monday 05 February 2024 16:39:05 +0000 (0:00:00.021) 0:01:00.526 *******
- Monday 05 February 2024 16:39:05 +0000 (0:00:00.093) 0:01:00.620 *******
- TASK [splunk_standalone : include_tasks] ***************************************
- included: /opt/ansible/roles/splunk_standalone/tasks/../../splunk_common/tasks/set_as_hec_receiver.yml for localhost
- Monday 05 February 2024 16:39:05 +0000 (0:00:00.067) 0:01:00.687 *******
- TASK [splunk_standalone : Setup global HEC] ************************************
- fatal: [localhost]: FAILED! => {
- "cache_control": "private",
- "changed": false,
- "connection": "Close",
- "content_length": "130",
- "content_type": "text/xml; charset=UTF-8",
- "date": "Mon, 05 Feb 2024 16:39:06 GMT",
- "elapsed": 0,
- "redirected": false,
- "server": "Splunkd",
- "status": 401,
- "url": "https://127.0.0.1:8089/services/data/inputs/http/http",
- "vary": "Cookie, Authorization",
- "warnings": [
- 0=M 1=o 2=d 3=u 4=l 5=e 6= 7=d 8=i 9=d 10= 11=n 12=o 13=t 14= 15=s 16=e 17=t 18= 19=n 20=o 21=_ 22=l 23=o 24=g 25= 26=f 27=o 28=r 29= 30=p 31=a 32=s 33=s 34=w 35=o 36=r 37=d
- ],
- "www_authenticate": "Basic realm=\"/splunk\"",
- "x_content_type_options": "nosniff",
- "x_frame_options": "SAMEORIGIN"
- }
- MSG:
- Status code was 401 and not [200]: HTTP Error 401: Unauthorized
- PLAY RECAP *********************************************************************
- localhost : ok=68 changed=4 unreachable=0 failed=1 skipped=58 rescued=0 ignored=0
- Monday 05 February 2024 16:39:06 +0000 (0:00:01.130) 0:01:01.818 *******
- ===============================================================================
- splunk_common : Start Splunk via CLI ----------------------------------- 32.45s
- splunk_common : Update Splunk directory owner --------------------------- 3.83s
- Gathering Facts --------------------------------------------------------- 1.46s
- splunk_common : Test basic https endpoint ------------------------------- 1.29s
- splunk_standalone : Setup global HEC ------------------------------------ 1.13s
- splunk_common : Cleanup Splunk runtime files ---------------------------- 0.87s
- splunk_common : Wait for splunkd management port ------------------------ 0.70s
- splunk_common : Enable splunktcp input ---------------------------------- 0.69s
- splunk_common : Find manifests ------------------------------------------ 0.68s
- splunk_common : Update /opt/splunk/etc ---------------------------------- 0.66s
- splunk_common : Check for scloud ---------------------------------------- 0.66s
- splunk_common : Create .ui_login ---------------------------------------- 0.51s
- splunk_common : Remove user-seed.conf ----------------------------------- 0.50s
- splunk_common : Check if /sbin/updateetc.sh exists ---------------------- 0.49s
- splunk_common : Check if /opt/splunk/var/lib/splunk/kvstore/mongo/splunk.key exists --- 0.49s
- splunk_common : Enable Splunkd SSL -------------------------------------- 0.49s
- splunk_common : Restrict permissions on /opt/splunk/var/lib/splunk/kvstore/mongo/splunk.key --- 0.48s
- splunk_common : Check if /opt/splunk/var/lib/splunk/kvstore/mongo/splunk.key exists --- 0.48s
- splunk_common : Restrict permissions on /opt/splunk/var/lib/splunk/kvstore/mongo/splunk.key --- 0.48s
- splunk_common : Trigger restart ----------------------------------------- 0.48s
- [DEPRECATION WARNING]: Ansible will require Python 3.8 or newer on the
- controller starting with Ansible 2.12. Current version: 3.7.16 (default, Feb 1
- 2024, 00:27:11) [GCC 8.5.0 20210514 (Red Hat 8.5.0-20)]. This feature will be
- removed from ansible-core in version 2.12. Deprecation warnings can be disabled
- by setting deprecation_warnings=False in ansible.cfg.
- [DEPRECATION WARNING]: COMMAND_WARNINGS option, the command warnings feature is
- being removed. This feature will be removed from ansible-core in version 2.14.
- Deprecation warnings can be disabled by setting deprecation_warnings=False in
- ansible.cfg.
- [DEPRECATION WARNING]: [defaults]callback_whitelist option, normalizing names
- to new standard, use callbacks_enabled instead. This feature will be removed
- from ansible-core in version 2.15. Deprecation warnings can be disabled by
- setting deprecation_warnings=False in ansible.cfg.
- PLAY [Run default Splunk provisioning] *****************************************
- Monday 05 February 2024 16:39:10 +0000 (0:00:00.205) 0:00:00.205 *******
- TASK [Gathering Facts] *********************************************************
- ok: [localhost]
- Monday 05 February 2024 16:39:11 +0000 (0:00:01.473) 0:00:01.679 *******
- Monday 05 February 2024 16:39:11 +0000 (0:00:00.072) 0:00:01.752 *******
- TASK [Provision role] **********************************************************
- Monday 05 February 2024 16:39:11 +0000 (0:00:00.145) 0:00:01.897 *******
- TASK [splunk_common : include_tasks] *******************************************
- included: /opt/ansible/roles/splunk_common/tasks/get_facts.yml for localhost
- Monday 05 February 2024 16:39:12 +0000 (0:00:00.115) 0:00:02.013 *******
- TASK [splunk_common : Set privilege escalation user] ***************************
- ok: [localhost]
- Monday 05 February 2024 16:39:12 +0000 (0:00:00.097) 0:00:02.111 *******
- TASK [splunk_common : Check for scloud] ****************************************
- ok: [localhost]
- Monday 05 February 2024 16:39:12 +0000 (0:00:00.603) 0:00:02.714 *******
- Monday 05 February 2024 16:39:12 +0000 (0:00:00.050) 0:00:02.765 *******
- Monday 05 February 2024 16:39:12 +0000 (0:00:00.038) 0:00:02.803 *******
- TASK [splunk_common : Check for existing installation] *************************
- ok: [localhost]
- Monday 05 February 2024 16:39:13 +0000 (0:00:00.457) 0:00:03.260 *******
- TASK [splunk_common : Set splunk install fact] *********************************
- ok: [localhost]
- Monday 05 February 2024 16:39:13 +0000 (0:00:00.104) 0:00:03.365 *******
- TASK [splunk_common : Check for existing splunk secret] ************************
- ok: [localhost]
- Monday 05 February 2024 16:39:13 +0000 (0:00:00.441) 0:00:03.806 *******
- TASK [splunk_common : Set first run fact] **************************************
- ok: [localhost]
- Monday 05 February 2024 16:39:13 +0000 (0:00:00.098) 0:00:03.904 *******
- TASK [splunk_common : Set splunk_build_type fact] ******************************
- included: /opt/ansible/roles/splunk_common/tasks/get_facts_build_type.yml for localhost
- Monday 05 February 2024 16:39:14 +0000 (0:00:00.075) 0:00:03.980 *******
- Monday 05 February 2024 16:39:14 +0000 (0:00:00.038) 0:00:04.019 *******
- Monday 05 February 2024 16:39:14 +0000 (0:00:00.054) 0:00:04.074 *******
- Monday 05 February 2024 16:39:14 +0000 (0:00:00.054) 0:00:04.129 *******
- Monday 05 February 2024 16:39:14 +0000 (0:00:00.054) 0:00:04.183 *******
- Monday 05 February 2024 16:39:14 +0000 (0:00:00.063) 0:00:04.246 *******
- TASK [splunk_common : Set target version fact] *********************************
- included: /opt/ansible/roles/splunk_common/tasks/get_facts_target_version.yml for localhost
- Monday 05 February 2024 16:39:14 +0000 (0:00:00.100) 0:00:04.347 *******
- Monday 05 February 2024 16:39:14 +0000 (0:00:00.049) 0:00:04.397 *******
- Monday 05 February 2024 16:39:14 +0000 (0:00:00.050) 0:00:04.448 *******
- Monday 05 February 2024 16:39:14 +0000 (0:00:00.050) 0:00:04.499 *******
- TASK [splunk_common : Find manifests] ******************************************
- ok: [localhost]
- Monday 05 February 2024 16:39:15 +0000 (0:00:00.708) 0:00:05.207 *******
- TASK [splunk_common : Set current version fact] ********************************
- ok: [localhost]
- Monday 05 February 2024 16:39:15 +0000 (0:00:00.108) 0:00:05.315 *******
- TASK [splunk_common : Setting upgrade fact] ************************************
- ok: [localhost]
- Monday 05 February 2024 16:39:15 +0000 (0:00:00.103) 0:00:05.419 *******
- TASK [splunk_common : Setting indexer cluster fact from config] ****************
- ok: [localhost]
- Monday 05 February 2024 16:39:15 +0000 (0:00:00.097) 0:00:05.517 *******
- TASK [splunk_common : Setting search head cluster fact from config] ************
- ok: [localhost]
- Monday 05 February 2024 16:39:15 +0000 (0:00:00.100) 0:00:05.617 *******
- Monday 05 February 2024 16:39:15 +0000 (0:00:00.038) 0:00:05.655 *******
- Monday 05 February 2024 16:39:15 +0000 (0:00:00.051) 0:00:05.706 *******
- Monday 05 February 2024 16:39:15 +0000 (0:00:00.051) 0:00:05.758 *******
- TASK [splunk_common : Detect service name] *************************************
- included: /opt/ansible/roles/splunk_common/tasks/get_facts_service_name.yml for localhost
- Monday 05 February 2024 16:39:15 +0000 (0:00:00.088) 0:00:05.846 *******
- TASK [splunk_common : Setting service_name fact from config] *******************
- ok: [localhost]
- Monday 05 February 2024 16:39:16 +0000 (0:00:00.099) 0:00:05.946 *******
- Monday 05 February 2024 16:39:16 +0000 (0:00:00.052) 0:00:05.998 *******
- Monday 05 February 2024 16:39:16 +0000 (0:00:00.052) 0:00:06.051 *******
- Monday 05 February 2024 16:39:16 +0000 (0:00:00.052) 0:00:06.104 *******
- Monday 05 February 2024 16:39:16 +0000 (0:00:00.052) 0:00:06.156 *******
- Monday 05 February 2024 16:39:16 +0000 (0:00:00.053) 0:00:06.210 *******
- TASK [splunk_common : include_tasks] *******************************************
- included: /opt/ansible/roles/splunk_common/tasks/change_splunk_directory_owner.yml for localhost
- Monday 05 February 2024 16:39:16 +0000 (0:00:00.147) 0:00:06.357 *******
- TASK [splunk_common : Update Splunk directory owner] ***************************
- ok: [localhost]
- Monday 05 February 2024 16:39:20 +0000 (0:00:03.799) 0:00:10.157 *******
- TASK [splunk_common : include_tasks] *******************************************
- included: /opt/ansible/roles/splunk_common/tasks/update_etc.yml for localhost
- Monday 05 February 2024 16:39:20 +0000 (0:00:00.109) 0:00:10.266 *******
- TASK [splunk_common : Check if /sbin/updateetc.sh exists] **********************
- ok: [localhost]
- Monday 05 February 2024 16:39:20 +0000 (0:00:00.451) 0:00:10.718 *******
- TASK [splunk_common : Update /opt/splunk/etc] **********************************
- ok: [localhost]
- Monday 05 February 2024 16:39:21 +0000 (0:00:00.684) 0:00:11.403 *******
- Monday 05 February 2024 16:39:21 +0000 (0:00:00.081) 0:00:11.484 *******
- Monday 05 February 2024 16:39:21 +0000 (0:00:00.083) 0:00:11.568 *******
- Monday 05 February 2024 16:39:21 +0000 (0:00:00.079) 0:00:11.647 *******
- Monday 05 February 2024 16:39:21 +0000 (0:00:00.072) 0:00:11.720 *******
- TASK [splunk_common : include_tasks] *******************************************
- included: /opt/ansible/roles/splunk_common/tasks/remove_first_login.yml for localhost
- Monday 05 February 2024 16:39:21 +0000 (0:00:00.092) 0:00:11.812 *******
- TASK [splunk_common : Create .ui_login] ****************************************
- ok: [localhost]
- Monday 05 February 2024 16:39:22 +0000 (0:00:00.538) 0:00:12.350 *******
- Monday 05 February 2024 16:39:22 +0000 (0:00:00.049) 0:00:12.399 *******
- TASK [splunk_common : include_tasks] *******************************************
- included: /opt/ansible/roles/splunk_common/tasks/set_splunk_secret.yml for localhost
- Monday 05 February 2024 16:39:22 +0000 (0:00:00.099) 0:00:12.499 *******
- Monday 05 February 2024 16:39:22 +0000 (0:00:00.056) 0:00:12.556 *******
- Monday 05 February 2024 16:39:22 +0000 (0:00:00.039) 0:00:12.595 *******
- TASK [splunk_common : include_tasks] *******************************************
- included: /opt/ansible/roles/splunk_common/tasks/enable_admin_auth.yml for localhost
- Monday 05 February 2024 16:39:22 +0000 (0:00:00.122) 0:00:12.718 *******
- Monday 05 February 2024 16:39:22 +0000 (0:00:00.072) 0:00:12.790 *******
- Monday 05 February 2024 16:39:22 +0000 (0:00:00.076) 0:00:12.867 *******
- Monday 05 February 2024 16:39:23 +0000 (0:00:00.072) 0:00:12.940 *******
- Monday 05 February 2024 16:39:23 +0000 (0:00:00.078) 0:00:13.018 *******
- Monday 05 February 2024 16:39:23 +0000 (0:00:00.074) 0:00:13.093 *******
- Monday 05 February 2024 16:39:23 +0000 (0:00:00.074) 0:00:13.168 *******
- Monday 05 February 2024 16:39:23 +0000 (0:00:00.039) 0:00:13.207 *******
- TASK [splunk_common : include_tasks] *******************************************
- included: /opt/ansible/roles/splunk_common/tasks/pre_splunk_start_commands.yml for localhost
- Monday 05 February 2024 16:39:23 +0000 (0:00:00.101) 0:00:13.309 *******
- Monday 05 February 2024 16:39:23 +0000 (0:00:00.053) 0:00:13.362 *******
- TASK [splunk_common : include_tasks] *******************************************
- included: /opt/ansible/roles/splunk_common/tasks/enable_s2s.yml for localhost
- Monday 05 February 2024 16:39:23 +0000 (0:00:00.115) 0:00:13.477 *******
- Monday 05 February 2024 16:39:23 +0000 (0:00:00.074) 0:00:13.552 *******
- TASK [splunk_common : include_tasks] *******************************************
- included: /opt/ansible/roles/splunk_common/tasks/s2s/configure_splunktcp.yml for localhost
- Monday 05 February 2024 16:39:23 +0000 (0:00:00.110) 0:00:13.662 *******
- TASK [splunk_common : Enable splunktcp input] **********************************
- ok: [localhost]
- Monday 05 February 2024 16:39:24 +0000 (0:00:00.700) 0:00:14.363 *******
- TASK [splunk_common : Remove splunktcp-ssl input] ******************************
- changed: [localhost]
- Monday 05 February 2024 16:39:24 +0000 (0:00:00.460) 0:00:14.824 *******
- TASK [splunk_common : Remove input SSL settings] *******************************
- changed: [localhost]
- Monday 05 February 2024 16:39:25 +0000 (0:00:00.483) 0:00:15.307 *******
- TASK [splunk_common : Reset root CA] *******************************************
- ok: [localhost]
- Monday 05 February 2024 16:39:25 +0000 (0:00:00.453) 0:00:15.761 *******
- TASK [splunk_common : include_tasks] *******************************************
- included: /opt/ansible/roles/splunk_common/tasks/trigger_restart.yml for localhost
- Monday 05 February 2024 16:39:25 +0000 (0:00:00.085) 0:00:15.846 *******
- TASK [splunk_common : include_tasks] *******************************************
- included: /opt/ansible/roles/splunk_common/tasks/get_splunk_status.yml for localhost
- Monday 05 February 2024 16:39:25 +0000 (0:00:00.064) 0:00:15.911 *******
- TASK [splunk_common : Restrict permissions on splunk.key for Status] ***********
- included: /opt/ansible/roles/splunk_common/tasks/restrict_permissions.yml for localhost => (item=/opt/splunk/var/lib/splunk/kvstore/mongo/splunk.key)
- Monday 05 February 2024 16:39:26 +0000 (0:00:00.073) 0:00:15.985 *******
- TASK [splunk_common : Check if /opt/splunk/var/lib/splunk/kvstore/mongo/splunk.key exists] ***
- ok: [localhost]
- Monday 05 February 2024 16:39:26 +0000 (0:00:00.455) 0:00:16.440 *******
- TASK [splunk_common : Restrict permissions on /opt/splunk/var/lib/splunk/kvstore/mongo/splunk.key] ***
- ok: [localhost]
- Monday 05 February 2024 16:39:26 +0000 (0:00:00.491) 0:00:16.932 *******
- TASK [splunk_common : Get Splunk status] ***************************************
- ok: [localhost]
- Monday 05 February 2024 16:39:28 +0000 (0:00:01.477) 0:00:18.409 *******
- TASK [splunk_common : Trigger restart] *****************************************
- ok: [localhost]
- Monday 05 February 2024 16:39:28 +0000 (0:00:00.454) 0:00:18.863 *******
- Monday 05 February 2024 16:39:28 +0000 (0:00:00.054) 0:00:18.918 *******
- Monday 05 February 2024 16:39:29 +0000 (0:00:00.077) 0:00:18.996 *******
- TASK [splunk_common : include_tasks] *******************************************
- included: /opt/ansible/roles/splunk_common/tasks/set_mgmt_port.yml for localhost
- Monday 05 February 2024 16:39:29 +0000 (0:00:00.109) 0:00:19.105 *******
- TASK [splunk_common : Set mgmt port] *******************************************
- ok: [localhost]
- Monday 05 February 2024 16:39:29 +0000 (0:00:00.463) 0:00:19.569 *******
- Monday 05 February 2024 16:39:29 +0000 (0:00:00.050) 0:00:19.620 *******
- Monday 05 February 2024 16:39:29 +0000 (0:00:00.039) 0:00:19.659 *******
- Monday 05 February 2024 16:39:29 +0000 (0:00:00.081) 0:00:19.741 *******
- Monday 05 February 2024 16:39:29 +0000 (0:00:00.076) 0:00:19.818 *******
- Monday 05 February 2024 16:39:29 +0000 (0:00:00.085) 0:00:19.903 *******
- TASK [splunk_common : include_tasks] *******************************************
- included: /opt/ansible/roles/splunk_common/tasks/enable_splunkd_ssl.yml for localhost
- Monday 05 February 2024 16:39:30 +0000 (0:00:00.122) 0:00:20.026 *******
- TASK [splunk_common : Enable Splunkd SSL] **************************************
- ok: [localhost]
- Monday 05 February 2024 16:39:30 +0000 (0:00:00.489) 0:00:20.515 *******
- Monday 05 February 2024 16:39:30 +0000 (0:00:00.041) 0:00:20.557 *******
- Monday 05 February 2024 16:39:30 +0000 (0:00:00.039) 0:00:20.597 *******
- Monday 05 February 2024 16:39:30 +0000 (0:00:00.039) 0:00:20.637 *******
- Monday 05 February 2024 16:39:30 +0000 (0:00:00.039) 0:00:20.676 *******
- Monday 05 February 2024 16:39:30 +0000 (0:00:00.084) 0:00:20.761 *******
- Monday 05 February 2024 16:39:30 +0000 (0:00:00.086) 0:00:20.848 *******
- Monday 05 February 2024 16:39:30 +0000 (0:00:00.040) 0:00:20.888 *******
- TASK [splunk_common : include_tasks] *******************************************
- included: /opt/ansible/roles/splunk_common/tasks/start_splunk.yml for localhost
- Monday 05 February 2024 16:39:31 +0000 (0:00:00.123) 0:00:21.011 *******
- TASK [splunk_common : include_tasks] *******************************************
- included: /opt/ansible/roles/splunk_common/tasks/get_splunk_status.yml for localhost
- Monday 05 February 2024 16:39:31 +0000 (0:00:00.059) 0:00:21.070 *******
- TASK [splunk_common : Restrict permissions on splunk.key for Status] ***********
- included: /opt/ansible/roles/splunk_common/tasks/restrict_permissions.yml for localhost => (item=/opt/splunk/var/lib/splunk/kvstore/mongo/splunk.key)
- Monday 05 February 2024 16:39:31 +0000 (0:00:00.070) 0:00:21.141 *******
- TASK [splunk_common : Check if /opt/splunk/var/lib/splunk/kvstore/mongo/splunk.key exists] ***
- ok: [localhost]
- Monday 05 February 2024 16:39:31 +0000 (0:00:00.449) 0:00:21.590 *******
- TASK [splunk_common : Restrict permissions on /opt/splunk/var/lib/splunk/kvstore/mongo/splunk.key] ***
- ok: [localhost]
- Monday 05 February 2024 16:39:32 +0000 (0:00:00.459) 0:00:22.050 *******
- TASK [splunk_common : Get Splunk status] ***************************************
- ok: [localhost]
- Monday 05 February 2024 16:39:32 +0000 (0:00:00.460) 0:00:22.510 *******
- TASK [splunk_common : Cleanup Splunk runtime files] ****************************
- ok: [localhost] => (item=/opt/splunk/var/run/splunk/splunkd.pid)
- changed: [localhost] => (item=/opt/splunk/var/lib/splunk/kvstore/mongo/mongod.lock)
- Monday 05 February 2024 16:39:33 +0000 (0:00:00.867) 0:00:23.378 *******
- TASK [splunk_common : Restrict permissions on splunk.key] **********************
- included: /opt/ansible/roles/splunk_common/tasks/restrict_permissions.yml for localhost => (item=/opt/splunk/var/lib/splunk/kvstore/mongo/splunk.key)
- Monday 05 February 2024 16:39:33 +0000 (0:00:00.075) 0:00:23.454 *******
- TASK [splunk_common : Check if /opt/splunk/var/lib/splunk/kvstore/mongo/splunk.key exists] ***
- ok: [localhost]
- Monday 05 February 2024 16:39:33 +0000 (0:00:00.462) 0:00:23.916 *******
- TASK [splunk_common : Restrict permissions on /opt/splunk/var/lib/splunk/kvstore/mongo/splunk.key] ***
- ok: [localhost]
- Monday 05 February 2024 16:39:34 +0000 (0:00:00.485) 0:00:24.401 *******
- TASK [splunk_common : Start Splunk via CLI] ************************************
- changed: [localhost]
- Monday 05 February 2024 16:40:08 +0000 (0:00:33.780) 0:00:58.182 *******
- Monday 05 February 2024 16:40:08 +0000 (0:00:00.044) 0:00:58.226 *******
- Monday 05 February 2024 16:40:08 +0000 (0:00:00.064) 0:00:58.291 *******
- TASK [splunk_common : Wait for splunkd management port] ************************
- ok: [localhost]
- Monday 05 February 2024 16:40:09 +0000 (0:00:00.737) 0:00:59.028 *******
- Monday 05 February 2024 16:40:09 +0000 (0:00:00.023) 0:00:59.052 *******
- TASK [splunk_common : include_tasks] *******************************************
- included: /opt/ansible/roles/splunk_common/tasks/set_certificate_prefix.yml for localhost
- Monday 05 February 2024 16:40:09 +0000 (0:00:00.140) 0:00:59.193 *******
- TASK [splunk_common : Test basic https endpoint] *******************************
- ok: [localhost]
- Monday 05 February 2024 16:40:10 +0000 (0:00:01.303) 0:01:00.496 *******
- TASK [splunk_common : Set url prefix for future REST calls] ********************
- ok: [localhost]
- Monday 05 February 2024 16:40:10 +0000 (0:00:00.111) 0:01:00.608 *******
- TASK [splunk_common : include_tasks] *******************************************
- included: /opt/ansible/roles/splunk_common/tasks/clean_user_seed.yml for localhost
- Monday 05 February 2024 16:40:10 +0000 (0:00:00.127) 0:01:00.736 *******
- TASK [splunk_common : Remove user-seed.conf] ***********************************
- ok: [localhost]
- Monday 05 February 2024 16:40:11 +0000 (0:00:00.496) 0:01:01.232 *******
- TASK [splunk_common : include_tasks] *******************************************
- included: /opt/ansible/roles/splunk_common/tasks/add_splunk_license.yml for localhost
- Monday 05 February 2024 16:40:11 +0000 (0:00:00.126) 0:01:01.359 *******
- TASK [splunk_common : Initialize licenses array] *******************************
- ok: [localhost]
- Monday 05 February 2024 16:40:11 +0000 (0:00:00.104) 0:01:01.463 *******
- TASK [splunk_common : Determine available licenses] ****************************
- ok: [localhost] => (item=splunk.lic)
- Monday 05 February 2024 16:40:11 +0000 (0:00:00.145) 0:01:01.609 *******
- TASK [splunk_common : Apply licenses] ******************************************
- included: /opt/ansible/roles/splunk_common/tasks/apply_licenses.yml for localhost => (item=splunk.lic)
- Monday 05 February 2024 16:40:11 +0000 (0:00:00.132) 0:01:01.741 *******
- Monday 05 February 2024 16:40:11 +0000 (0:00:00.073) 0:01:01.815 *******
- Monday 05 February 2024 16:40:11 +0000 (0:00:00.074) 0:01:01.889 *******
- Monday 05 February 2024 16:40:11 +0000 (0:00:00.040) 0:01:01.930 *******
- TASK [splunk_common : include_tasks] *******************************************
- included: /opt/ansible/roles/splunk_common/tasks/licenses/add_license.yml for localhost
- Monday 05 February 2024 16:40:12 +0000 (0:00:00.107) 0:01:02.037 *******
- Monday 05 February 2024 16:40:12 +0000 (0:00:00.052) 0:01:02.090 *******
- TASK [splunk_common : Ensure license path] *************************************
- ok: [localhost]
- Monday 05 February 2024 16:40:12 +0000 (0:00:00.447) 0:01:02.537 *******
- Monday 05 February 2024 16:40:12 +0000 (0:00:00.039) 0:01:02.577 *******
- Monday 05 February 2024 16:40:12 +0000 (0:00:00.040) 0:01:02.617 *******
- Monday 05 February 2024 16:40:12 +0000 (0:00:00.021) 0:01:02.638 *******
- Monday 05 February 2024 16:40:12 +0000 (0:00:00.147) 0:01:02.786 *******
- TASK [splunk_standalone : include_tasks] ***************************************
- included: /opt/ansible/roles/splunk_standalone/tasks/../../splunk_common/tasks/set_as_hec_receiver.yml for localhost
- Monday 05 February 2024 16:40:13 +0000 (0:00:00.183) 0:01:02.970 *******
- TASK [splunk_standalone : Setup global HEC] ************************************
- fatal: [localhost]: FAILED! => {
- "cache_control": "private",
- "changed": false,
- "connection": "Close",
- "content_length": "130",
- "content_type": "text/xml; charset=UTF-8",
- "date": "Mon, 05 Feb 2024 16:40:14 GMT",
- "elapsed": 0,
- "redirected": false,
- "server": "Splunkd",
- "status": 401,
- "url": "https://127.0.0.1:8089/services/data/inputs/http/http",
- "vary": "Cookie, Authorization",
- "warnings": [
- 0=M 1=o 2=d 3=u 4=l 5=e 6= 7=d 8=i 9=d 10= 11=n 12=o 13=t 14= 15=s 16=e 17=t 18= 19=n 20=o 21=_ 22=l 23=o 24=g 25= 26=f 27=o 28=r 29= 30=p 31=a 32=s 33=s 34=w 35=o 36=r 37=d
- ],
- "www_authenticate": "Basic realm=\"/splunk\"",
- "x_content_type_options": "nosniff",
- "x_frame_options": "SAMEORIGIN"
- }
- MSG:
- Status code was 401 and not [200]: HTTP Error 401: Unauthorized
- PLAY RECAP *********************************************************************
- localhost : ok=68 changed=4 unreachable=0 failed=1 skipped=58 rescued=0 ignored=0
- Monday 05 February 2024 16:40:14 +0000 (0:00:01.592) 0:01:04.562 *******
- ===============================================================================
- splunk_common : Start Splunk via CLI ----------------------------------- 33.78s
- splunk_common : Update Splunk directory owner --------------------------- 3.80s
- splunk_standalone : Setup global HEC ------------------------------------ 1.59s
- splunk_common : Get Splunk status --------------------------------------- 1.48s
- Gathering Facts --------------------------------------------------------- 1.47s
- splunk_common : Test basic https endpoint ------------------------------- 1.30s
- splunk_common : Cleanup Splunk runtime files ---------------------------- 0.87s
- splunk_common : Wait for splunkd management port ------------------------ 0.74s
- splunk_common : Find manifests ------------------------------------------ 0.71s
- splunk_common : Enable splunktcp input ---------------------------------- 0.70s
- splunk_common : Update /opt/splunk/etc ---------------------------------- 0.68s
- splunk_common : Check for scloud ---------------------------------------- 0.60s
- splunk_common : Create .ui_login ---------------------------------------- 0.54s
- splunk_common : Remove user-seed.conf ----------------------------------- 0.50s
- splunk_common : Restrict permissions on /opt/splunk/var/lib/splunk/kvstore/mongo/splunk.key --- 0.49s
- splunk_common : Enable Splunkd SSL -------------------------------------- 0.49s
- splunk_common : Restrict permissions on /opt/splunk/var/lib/splunk/kvstore/mongo/splunk.key --- 0.49s
- splunk_common : Remove input SSL settings ------------------------------- 0.48s
- splunk_common : Set mgmt port ------------------------------------------- 0.46s
- splunk_common : Check if /opt/splunk/var/lib/splunk/kvstore/mongo/splunk.key exists --- 0.46s
- [DEPRECATION WARNING]: Ansible will require Python 3.8 or newer on the
- controller starting with Ansible 2.12. Current version: 3.7.16 (default, Feb 1
- 2024, 00:27:11) [GCC 8.5.0 20210514 (Red Hat 8.5.0-20)]. This feature will be
- removed from ansible-core in version 2.12. Deprecation warnings can be disabled
- by setting deprecation_warnings=False in ansible.cfg.
- [DEPRECATION WARNING]: COMMAND_WARNINGS option, the command warnings feature is
- being removed. This feature will be removed from ansible-core in version 2.14.
- Deprecation warnings can be disabled by setting deprecation_warnings=False in
- ansible.cfg.
- [DEPRECATION WARNING]: [defaults]callback_whitelist option, normalizing names
- to new standard, use callbacks_enabled instead. This feature will be removed
- from ansible-core in version 2.15. Deprecation warnings can be disabled by
- setting deprecation_warnings=False in ansible.cfg.
- PLAY [Run default Splunk provisioning] *****************************************
- Monday 05 February 2024 16:40:17 +0000 (0:00:00.220) 0:00:00.220 *******
- TASK [Gathering Facts] *********************************************************
- ok: [localhost]
- Monday 05 February 2024 16:40:19 +0000 (0:00:01.500) 0:00:01.720 *******
- Monday 05 February 2024 16:40:19 +0000 (0:00:00.074) 0:00:01.795 *******
- TASK [Provision role] **********************************************************
- Monday 05 February 2024 16:40:19 +0000 (0:00:00.148) 0:00:01.944 *******
- TASK [splunk_common : include_tasks] *******************************************
- included: /opt/ansible/roles/splunk_common/tasks/get_facts.yml for localhost
- Monday 05 February 2024 16:40:19 +0000 (0:00:00.115) 0:00:02.059 *******
- TASK [splunk_common : Set privilege escalation user] ***************************
- ok: [localhost]
- Monday 05 February 2024 16:40:19 +0000 (0:00:00.097) 0:00:02.157 *******
- TASK [splunk_common : Check for scloud] ****************************************
- ok: [localhost]
- Monday 05 February 2024 16:40:20 +0000 (0:00:00.611) 0:00:02.768 *******
- Monday 05 February 2024 16:40:20 +0000 (0:00:00.052) 0:00:02.821 *******
- Monday 05 February 2024 16:40:20 +0000 (0:00:00.037) 0:00:02.859 *******
- TASK [splunk_common : Check for existing installation] *************************
- ok: [localhost]
- Monday 05 February 2024 16:40:20 +0000 (0:00:00.462) 0:00:03.322 *******
- TASK [splunk_common : Set splunk install fact] *********************************
- ok: [localhost]
- Monday 05 February 2024 16:40:21 +0000 (0:00:00.108) 0:00:03.430 *******
- TASK [splunk_common : Check for existing splunk secret] ************************
- ok: [localhost]
- Monday 05 February 2024 16:40:21 +0000 (0:00:00.449) 0:00:03.879 *******
- TASK [splunk_common : Set first run fact] **************************************
- ok: [localhost]
- Monday 05 February 2024 16:40:21 +0000 (0:00:00.099) 0:00:03.978 *******
- TASK [splunk_common : Set splunk_build_type fact] ******************************
- included: /opt/ansible/roles/splunk_common/tasks/get_facts_build_type.yml for localhost
- Monday 05 February 2024 16:40:21 +0000 (0:00:00.075) 0:00:04.054 *******
- Monday 05 February 2024 16:40:21 +0000 (0:00:00.037) 0:00:04.092 *******
- Monday 05 February 2024 16:40:21 +0000 (0:00:00.057) 0:00:04.150 *******
- Monday 05 February 2024 16:40:21 +0000 (0:00:00.084) 0:00:04.234 *******
- Monday 05 February 2024 16:40:21 +0000 (0:00:00.063) 0:00:04.298 *******
- Monday 05 February 2024 16:40:21 +0000 (0:00:00.053) 0:00:04.352 *******
- TASK [splunk_common : Set target version fact] *********************************
- included: /opt/ansible/roles/splunk_common/tasks/get_facts_target_version.yml for localhost
- Monday 05 February 2024 16:40:22 +0000 (0:00:00.096) 0:00:04.449 *******
- Monday 05 February 2024 16:40:22 +0000 (0:00:00.050) 0:00:04.500 *******
- Monday 05 February 2024 16:40:22 +0000 (0:00:00.050) 0:00:04.551 *******
- Monday 05 February 2024 16:40:22 +0000 (0:00:00.049) 0:00:04.600 *******
- TASK [splunk_common : Find manifests] ******************************************
- ok: [localhost]
- Monday 05 February 2024 16:40:22 +0000 (0:00:00.664) 0:00:05.265 *******
- TASK [splunk_common : Set current version fact] ********************************
- ok: [localhost]
- Monday 05 February 2024 16:40:23 +0000 (0:00:00.114) 0:00:05.379 *******
- TASK [splunk_common : Setting upgrade fact] ************************************
- ok: [localhost]
- Monday 05 February 2024 16:40:23 +0000 (0:00:00.109) 0:00:05.488 *******
- TASK [splunk_common : Setting indexer cluster fact from config] ****************
- ok: [localhost]
- Monday 05 February 2024 16:40:23 +0000 (0:00:00.097) 0:00:05.586 *******
- TASK [splunk_common : Setting search head cluster fact from config] ************
- ok: [localhost]
- Monday 05 February 2024 16:40:23 +0000 (0:00:00.098) 0:00:05.684 *******
- Monday 05 February 2024 16:40:23 +0000 (0:00:00.037) 0:00:05.722 *******
- Monday 05 February 2024 16:40:23 +0000 (0:00:00.051) 0:00:05.774 *******
- Monday 05 February 2024 16:40:23 +0000 (0:00:00.052) 0:00:05.826 *******
- TASK [splunk_common : Detect service name] *************************************
- included: /opt/ansible/roles/splunk_common/tasks/get_facts_service_name.yml for localhost
- Monday 05 February 2024 16:40:23 +0000 (0:00:00.088) 0:00:05.915 *******
- TASK [splunk_common : Setting service_name fact from config] *******************
- ok: [localhost]
- Monday 05 February 2024 16:40:23 +0000 (0:00:00.100) 0:00:06.016 *******
- Monday 05 February 2024 16:40:23 +0000 (0:00:00.052) 0:00:06.068 *******
- Monday 05 February 2024 16:40:23 +0000 (0:00:00.052) 0:00:06.121 *******
- Monday 05 February 2024 16:40:23 +0000 (0:00:00.053) 0:00:06.174 *******
- Monday 05 February 2024 16:40:23 +0000 (0:00:00.053) 0:00:06.228 *******
- Monday 05 February 2024 16:40:23 +0000 (0:00:00.054) 0:00:06.282 *******
- TASK [splunk_common : include_tasks] *******************************************
- included: /opt/ansible/roles/splunk_common/tasks/change_splunk_directory_owner.yml for localhost
- Monday 05 February 2024 16:40:24 +0000 (0:00:00.147) 0:00:06.429 *******
- TASK [splunk_common : Update Splunk directory owner] ***************************
- ok: [localhost]
- Monday 05 February 2024 16:40:27 +0000 (0:00:03.820) 0:00:10.249 *******
- TASK [splunk_common : include_tasks] *******************************************
- included: /opt/ansible/roles/splunk_common/tasks/update_etc.yml for localhost
- Monday 05 February 2024 16:40:27 +0000 (0:00:00.120) 0:00:10.370 *******
- TASK [splunk_common : Check if /sbin/updateetc.sh exists] **********************
- ok: [localhost]
- Monday 05 February 2024 16:40:28 +0000 (0:00:00.474) 0:00:10.844 *******
- TASK [splunk_common : Update /opt/splunk/etc] **********************************
- ok: [localhost]
- Monday 05 February 2024 16:40:29 +0000 (0:00:00.663) 0:00:11.508 *******
- Monday 05 February 2024 16:40:29 +0000 (0:00:00.082) 0:00:11.591 *******
- Monday 05 February 2024 16:40:29 +0000 (0:00:00.124) 0:00:11.715 *******
- Monday 05 February 2024 16:40:29 +0000 (0:00:00.076) 0:00:11.791 *******
- Monday 05 February 2024 16:40:29 +0000 (0:00:00.077) 0:00:11.869 *******
- TASK [splunk_common : include_tasks] *******************************************
- included: /opt/ansible/roles/splunk_common/tasks/remove_first_login.yml for localhost
- Monday 05 February 2024 16:40:29 +0000 (0:00:00.091) 0:00:11.960 *******
- TASK [splunk_common : Create .ui_login] ****************************************
- ok: [localhost]
- Monday 05 February 2024 16:40:30 +0000 (0:00:00.490) 0:00:12.451 *******
- Monday 05 February 2024 16:40:30 +0000 (0:00:00.050) 0:00:12.501 *******
- TASK [splunk_common : include_tasks] *******************************************
- included: /opt/ansible/roles/splunk_common/tasks/set_splunk_secret.yml for localhost
- Monday 05 February 2024 16:40:30 +0000 (0:00:00.103) 0:00:12.605 *******
- Monday 05 February 2024 16:40:30 +0000 (0:00:00.053) 0:00:12.658 *******
- Monday 05 February 2024 16:40:30 +0000 (0:00:00.039) 0:00:12.697 *******
- TASK [splunk_common : include_tasks] *******************************************
- included: /opt/ansible/roles/splunk_common/tasks/enable_admin_auth.yml for localhost
- Monday 05 February 2024 16:40:30 +0000 (0:00:00.122) 0:00:12.820 *******
- Monday 05 February 2024 16:40:30 +0000 (0:00:00.071) 0:00:12.892 *******
- Monday 05 February 2024 16:40:30 +0000 (0:00:00.079) 0:00:12.972 *******
- Monday 05 February 2024 16:40:30 +0000 (0:00:00.082) 0:00:13.054 *******
- Monday 05 February 2024 16:40:30 +0000 (0:00:00.075) 0:00:13.130 *******
- Monday 05 February 2024 16:40:30 +0000 (0:00:00.076) 0:00:13.206 *******
- Monday 05 February 2024 16:40:30 +0000 (0:00:00.085) 0:00:13.292 *******
- Monday 05 February 2024 16:40:30 +0000 (0:00:00.042) 0:00:13.334 *******
- TASK [splunk_common : include_tasks] *******************************************
- included: /opt/ansible/roles/splunk_common/tasks/pre_splunk_start_commands.yml for localhost
- Monday 05 February 2024 16:40:31 +0000 (0:00:00.102) 0:00:13.436 *******
- Monday 05 February 2024 16:40:31 +0000 (0:00:00.064) 0:00:13.501 *******
- TASK [splunk_common : include_tasks] *******************************************
- included: /opt/ansible/roles/splunk_common/tasks/enable_s2s.yml for localhost
- Monday 05 February 2024 16:40:31 +0000 (0:00:00.115) 0:00:13.616 *******
- Monday 05 February 2024 16:40:31 +0000 (0:00:00.074) 0:00:13.691 *******
- TASK [splunk_common : include_tasks] *******************************************
- included: /opt/ansible/roles/splunk_common/tasks/s2s/configure_splunktcp.yml for localhost
- Monday 05 February 2024 16:40:31 +0000 (0:00:00.112) 0:00:13.803 *******
- TASK [splunk_common : Enable splunktcp input] **********************************
- ok: [localhost]
- Monday 05 February 2024 16:40:32 +0000 (0:00:00.695) 0:00:14.498 *******
- TASK [splunk_common : Remove splunktcp-ssl input] ******************************
- changed: [localhost]
- Monday 05 February 2024 16:40:32 +0000 (0:00:00.455) 0:00:14.954 *******
- TASK [splunk_common : Remove input SSL settings] *******************************
- changed: [localhost]
- Monday 05 February 2024 16:40:33 +0000 (0:00:00.450) 0:00:15.404 *******
- TASK [splunk_common : Reset root CA] *******************************************
- ok: [localhost]
- Monday 05 February 2024 16:40:33 +0000 (0:00:00.458) 0:00:15.863 *******
- TASK [splunk_common : include_tasks] *******************************************
- included: /opt/ansible/roles/splunk_common/tasks/trigger_restart.yml for localhost
- Monday 05 February 2024 16:40:33 +0000 (0:00:00.087) 0:00:15.951 *******
- TASK [splunk_common : include_tasks] *******************************************
- included: /opt/ansible/roles/splunk_common/tasks/get_splunk_status.yml for localhost
- Monday 05 February 2024 16:40:33 +0000 (0:00:00.063) 0:00:16.014 *******
- TASK [splunk_common : Restrict permissions on splunk.key for Status] ***********
- included: /opt/ansible/roles/splunk_common/tasks/restrict_permissions.yml for localhost => (item=/opt/splunk/var/lib/splunk/kvstore/mongo/splunk.key)
- Monday 05 February 2024 16:40:33 +0000 (0:00:00.073) 0:00:16.088 *******
- TASK [splunk_common : Check if /opt/splunk/var/lib/splunk/kvstore/mongo/splunk.key exists] ***
- ok: [localhost]
- Monday 05 February 2024 16:40:34 +0000 (0:00:00.439) 0:00:16.528 *******
- TASK [splunk_common : Restrict permissions on /opt/splunk/var/lib/splunk/kvstore/mongo/splunk.key] ***
- ok: [localhost]
- Monday 05 February 2024 16:40:34 +0000 (0:00:00.485) 0:00:17.014 *******
- TASK [splunk_common : Get Splunk status] ***************************************
- ok: [localhost]
- Monday 05 February 2024 16:40:36 +0000 (0:00:01.498) 0:00:18.512 *******
- TASK [splunk_common : Trigger restart] *****************************************
- ok: [localhost]
- Monday 05 February 2024 16:40:36 +0000 (0:00:00.464) 0:00:18.977 *******
- Monday 05 February 2024 16:40:36 +0000 (0:00:00.054) 0:00:19.031 *******
- Monday 05 February 2024 16:40:36 +0000 (0:00:00.077) 0:00:19.109 *******
- TASK [splunk_common : include_tasks] *******************************************
- included: /opt/ansible/roles/splunk_common/tasks/set_mgmt_port.yml for localhost
- Monday 05 February 2024 16:40:36 +0000 (0:00:00.109) 0:00:19.218 *******
- TASK [splunk_common : Set mgmt port] *******************************************
- ok: [localhost]
- Monday 05 February 2024 16:40:37 +0000 (0:00:00.475) 0:00:19.694 *******
- Monday 05 February 2024 16:40:37 +0000 (0:00:00.049) 0:00:19.743 *******
- Monday 05 February 2024 16:40:37 +0000 (0:00:00.039) 0:00:19.782 *******
- Monday 05 February 2024 16:40:37 +0000 (0:00:00.077) 0:00:19.860 *******
- Monday 05 February 2024 16:40:37 +0000 (0:00:00.077) 0:00:19.937 *******
- Monday 05 February 2024 16:40:37 +0000 (0:00:00.085) 0:00:20.022 *******
- TASK [splunk_common : include_tasks] *******************************************
- included: /opt/ansible/roles/splunk_common/tasks/enable_splunkd_ssl.yml for localhost
- Monday 05 February 2024 16:40:37 +0000 (0:00:00.123) 0:00:20.145 *******
- TASK [splunk_common : Enable Splunkd SSL] **************************************
- ok: [localhost]
- Monday 05 February 2024 16:40:38 +0000 (0:00:00.490) 0:00:20.636 *******
- Monday 05 February 2024 16:40:38 +0000 (0:00:00.039) 0:00:20.675 *******
- Monday 05 February 2024 16:40:38 +0000 (0:00:00.039) 0:00:20.715 *******
- Monday 05 February 2024 16:40:38 +0000 (0:00:00.039) 0:00:20.755 *******
- Monday 05 February 2024 16:40:38 +0000 (0:00:00.039) 0:00:20.794 *******
- Monday 05 February 2024 16:40:38 +0000 (0:00:00.085) 0:00:20.879 *******
- Monday 05 February 2024 16:40:38 +0000 (0:00:00.091) 0:00:20.971 *******
- Monday 05 February 2024 16:40:38 +0000 (0:00:00.040) 0:00:21.011 *******
- TASK [splunk_common : include_tasks] *******************************************
- included: /opt/ansible/roles/splunk_common/tasks/start_splunk.yml for localhost
- Monday 05 February 2024 16:40:38 +0000 (0:00:00.123) 0:00:21.135 *******
- TASK [splunk_common : include_tasks] *******************************************
- included: /opt/ansible/roles/splunk_common/tasks/get_splunk_status.yml for localhost
- Monday 05 February 2024 16:40:38 +0000 (0:00:00.060) 0:00:21.195 *******
- TASK [splunk_common : Restrict permissions on splunk.key for Status] ***********
- included: /opt/ansible/roles/splunk_common/tasks/restrict_permissions.yml for localhost => (item=/opt/splunk/var/lib/splunk/kvstore/mongo/splunk.key)
- Monday 05 February 2024 16:40:38 +0000 (0:00:00.070) 0:00:21.266 *******
- TASK [splunk_common : Check if /opt/splunk/var/lib/splunk/kvstore/mongo/splunk.key exists] ***
- ok: [localhost]
- Monday 05 February 2024 16:40:39 +0000 (0:00:00.467) 0:00:21.733 *******
- TASK [splunk_common : Restrict permissions on /opt/splunk/var/lib/splunk/kvstore/mongo/splunk.key] ***
- ok: [localhost]
- Monday 05 February 2024 16:40:39 +0000 (0:00:00.456) 0:00:22.189 *******
- TASK [splunk_common : Get Splunk status] ***************************************
- ok: [localhost]
- Monday 05 February 2024 16:40:40 +0000 (0:00:00.462) 0:00:22.651 *******
- TASK [splunk_common : Cleanup Splunk runtime files] ****************************
- ok: [localhost] => (item=/opt/splunk/var/run/splunk/splunkd.pid)
- changed: [localhost] => (item=/opt/splunk/var/lib/splunk/kvstore/mongo/mongod.lock)
- Monday 05 February 2024 16:40:41 +0000 (0:00:00.863) 0:00:23.515 *******
- TASK [splunk_common : Restrict permissions on splunk.key] **********************
- included: /opt/ansible/roles/splunk_common/tasks/restrict_permissions.yml for localhost => (item=/opt/splunk/var/lib/splunk/kvstore/mongo/splunk.key)
- Monday 05 February 2024 16:40:41 +0000 (0:00:00.082) 0:00:23.597 *******
- TASK [splunk_common : Check if /opt/splunk/var/lib/splunk/kvstore/mongo/splunk.key exists] ***
- ok: [localhost]
- Monday 05 February 2024 16:40:41 +0000 (0:00:00.451) 0:00:24.049 *******
- TASK [splunk_common : Restrict permissions on /opt/splunk/var/lib/splunk/kvstore/mongo/splunk.key] ***
- ok: [localhost]
- Monday 05 February 2024 16:40:42 +0000 (0:00:00.483) 0:00:24.532 *******
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement