标签:count ok 登录 192.168 ansible ssh login
hosts
[centos-root]
192.168.174.129 ansible_ssh_port=22
192.168.174.130 ansible_ssh_port=22
192.168.174.131 ansible_ssh_port=22
Ansible Vault 文件
创建 Ansible Vault 文件
# ansible-vault create passwords.yml
New Vault password: # 12345678
Confirm New Vault password:
编辑 Ansible Vault 文件
# ansible-vault edit passwords.yml
Vault password:
passwords.yml
hosts_passwords:
192.168.174.129:
currently_yunwei_password: yunwei*_129
192.168.174.130:
currently_yunwei_password: yunwei*_130
192.168.174.131:
currently_yunwei_password: yunwei*_131
playbook
ssh_login_stats.yaml
- hosts: centos
remote_user: yunwei
gather_facts: no # 禁用 Ansible 在执行任务之前从目标主机中收集信息
become: yes
become_method: sudo
become_user: root
vars_files:
- passwords.yml
vars:
ansible_ssh_pass: "{{ hosts_passwords[inventory_hostname].currently_yunwei_password }}"
ansible_become_pass: "{{ ansible_ssh_pass }}"
tasks:
- name: Count SSH logins on April 12
shell: "grep 'Apr 12' /var/log/secure | grep 'sshd'"
register: ssh_log_content
ignore_errors: yes
# 统计成功和失败的 SSH 登录次数
- set_fact:
success_count: "{{ ssh_log_content.stdout | regex_findall('Accepted password') | length }}"
failure_count: "{{ ssh_log_content.stdout | regex_findall('Failed password') | length }}"
# 格式化要写入文件的内容,去掉换行符
- set_fact:
log_content: "{{ inventory_hostname }} login success count is: {{ success_count }}, login failure count is: {{ failure_count }}"
# 将 SSH 登录次数保存到本地文件
- name: Append SSH login counts on April 12 to file
delegate_to: localhost # 在本地执行任务,结果写入本地文件。而不会分散在不同的远程主机文件中。
lineinfile:
path: /root/ssh_login_counts_centos_apr12.txt
line: "{{ log_content | regex_replace('(\n|\r)', '') }}"
insertafter: EOF
create: yes
测试 playbook
# ansible-playbook -i hosts ssh_login_stats.yaml --ask-vault-pass
Vault password:
PLAY [centos] *****************************************************************************************************************************************************************
TASK [Gathering Facts] ********************************************************************************************************************************************************
ok: [192.168.174.131]
ok: [192.168.174.130]
ok: [192.168.174.129]
TASK [Count SSH logins on April 12] *******************************************************************************************************************************************
changed: [192.168.174.129]
changed: [192.168.174.131]
changed: [192.168.174.130]
TASK [set_fact] ***************************************************************************************************************************************************************
ok: [192.168.174.129]
ok: [192.168.174.130]
ok: [192.168.174.131]
TASK [set_fact] ***************************************************************************************************************************************************************
ok: [192.168.174.129]
ok: [192.168.174.130]
ok: [192.168.174.131]
TASK [Append SSH login counts on April 12 to file] ****************************************************************************************************************************
ok: [192.168.174.131 -> localhost]
ok: [192.168.174.130 -> localhost]
ok: [192.168.174.129 -> localhost]
PLAY RECAP ********************************************************************************************************************************************************************
192.168.174.129 : ok=5 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
192.168.174.130 : ok=5 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
192.168.174.131 : ok=5 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
确认结果
192.168.174.131 login success count is: 87, login failure count is: 14
192.168.174.130 login success count is: 84, login failure count is: 4
192.168.174.129 login success count is: 29, login failure count is: 2
标签:count,
ok,
登录,
192.168,
ansible,
ssh,
login
From: https://www.cnblogs.com/wangguishe/p/18131809