Kentik for Ansible Automation Platform now certified with Red Hat


Red Hat Blog

The Kentik Collection is now Red Hat Ansible Certified Content, and is available on Ansible automation hub. The highlight of this is Event-Driven Ansible, an event source plugin from Kentik to accept alert notification JSON. This works in conjunction with Event-Driven Ansible Rulebooks to allow users to automate changes to their environment.

Event-Driven Ansible offers a scalable and adaptable automation solution that integrates with monitoring tools from various software vendors. These tools oversee IT infrastructures, detecting events and automatically executing predefined changes or responses from a rulebook to address those events.

Ansible Rulebook CLI

This command line interface operates Ansible Rulebooks, tracking events and coordinating the execution of playbooks using the established tools of Ansible Automation Platform.

Event-Driven Ansible controller

This tool provides essential management, scalability and monitoring capabilities to enable effective use of Event-Driven Ansible in cloud, on-premise or hybrid environments.

Ansible Content Collections for Event-Driven Ansible

These Ansible Content Collections feature plugin code for a range of available event sources and Ansible Rulebooks designed to quickly kickstart new event-driven automation projects.

Kentik, a network observability leader, is essential for digital businesses, corporate IT and service providers. Network professionals depend on Kentik Observability Cloud for detailed insights and swift searches across network, cloud and internet performance, enhancing network health and security. Trusted by top companies like Box, IBM and Zoom, Kentik offers comprehensive observability to illuminate network operations. Learn more at kentik.com and follow on Twitter/X @kentikinc.

Using JSON notifications

JSON notification channels facilitate the integration of Kentik with external monitoring systems, allowing events identified by Kentik, such as anomalies flagged by its alerting system, to activate third-party actions. These actions might encompass network adjustments, distributed denial of service (DDoS) attack countermeasures or alternative solutions. The JSON payload is posted to the specified webhook URL, where it can be parsed and processed for any desired purpose. For an example of the JSON payload that will be posted, see Sample Alert JSON.

If you prefer a predefined syntax for your notification channels, JSON could be a suitable choice over custom webhooks. It offers a fixed format for the notification payload, with no customization options, giving users a consistent, specified payload structure.

We use the following guidelines:

  • Collection review checklist
  • Ansible development guide
  • Ansible Content Collection development guide

Versions

Compatible with Ansible Core versions 2.14.2 and above, including the latest development version of Ansible. Ansible Core versions prior to 2.14.2 are not supported.

Prerequisites

  • Kentik portal account
  • Ansible Automation Platform with Event-Driven Ansible controller instance

Setting up Event-Driven Ansible webhook

1. Confirm the webhook plugin is activated from the official Ansible Content Collection (ansible.eda.webhook), and use ansible-rulebook version 0.11.0 or later.

2. Develop a rulebook, designating a webhook from the standard Event-Driven Ansible Collection (ansible.eda.webhook) as the event source, and define the listen address and port:

sources:
  - kentik_webhook: # for local tests only. In production use kentik.ansible_eda.kentik_webhook
      host: 0.0.0.0
      port: 80

3. In the rules section, configure the required actions. For instance:

- name: Listen for alerts using kentik_webhook
  hosts: all

  ## Define our source for events
  sources:
    - kentik_webhook: # for local tests only. In production use kentik.ansible_eda.kentik_webhook
        host: 0.0.0.0
        port: 80

  ## Define the conditions we are looking for
  rules:
    - name: Print out the alert
      condition: event.i == 1

      ## Define the action we should take should the condition be met
      action:
        run_playbook:
          name: playbooks/example_playbook.yml

Configuring the Kentik JSON notification

The next step is to set up the JSON webhook notification in the Kentik platform. To configure the notification, navigate to Menu >> Settings >> Notifications. From there, click on the blue Add Notification Channel button to open the notification channel dialog.

You will need to give your notification channel a name. The URL will need to be the endpoint that your Event-Driven Ansible plugin is going to listen on. This URL will need to be publicly accessible.
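
Since this endpoint is reachable from the internet and its events start playbooks, here is one way to require TLS and a bearer token on the listener, using the ansible.eda.webhook source named in step 1. This is an added example, not code from the original post or from Kentik. The port, certificate paths and the variable name KENTIK_WEBHOOK_TOKEN are placeholders, it assumes the notification sender can present an "Authorization: Bearer" header, and the page does not say whether kentik.ansible_eda.kentik_webhook accepts the same options.

```yaml
# Added example: TLS + token variant of the rulebook shown earlier.
# All paths, the port and the variable name are placeholders.
- name: Listen for alerts over TLS with a shared token
  hosts: all

  sources:
    - ansible.eda.webhook:
        host: 0.0.0.0
        port: 8443                            # unprivileged port, no root needed to bind
        certfile: /etc/eda/tls/webhook.crt    # placeholder path; setting this enables TLS
        keyfile: /etc/eda/tls/webhook.key     # placeholder path; private key for certfile
        # Requests without "Authorization: Bearer <token>" are rejected by the plugin.
        # The value is substituted at start-up, so the secret is not stored in the rulebook.
        token: "{{ KENTIK_WEBHOOK_TOKEN }}"

  rules:
    - name: Run the playbook only for the expected payload
      # ansible.eda.webhook places the posted JSON body under event.payload,
      # so the field is checked there and must exist before it is compared.
      condition: event.payload.i is defined and event.payload.i == 1
      action:
        run_playbook:
          name: playbooks/example_playbook.yml
```

Start it with ansible-rulebook and pass --env-vars KENTIK_WEBHOOK_TOKEN so the token is read from the environment rather than from a file in the repository.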

NOTE: Notifications are tied to the thresholds on an alert which are beyond the scope of this blog. For more information on configuring an alert threshold, see the Kentik knowledgebase article Threshold Policy Settings.

See JSON notification settings for more details.

Installing the collection from Ansible Galaxy

Before using this collection, you need to install it with the Ansible Galaxy command-line tool:

ansible-galaxy collection install kentik.ansible_eda

You can also include it in a requirements.yml file and install it with ansible-galaxy collection install -r requirements.yml, using the format:

collections:

 - name: kentik.ansible_eda

Note that if you install the collection from Ansible Galaxy, it will not be upgraded automatically when you upgrade the ansible package. To upgrade the collection to the latest available version, run the following command:

ansible-galaxy collection install kentik.ansible_eda --upgrade

You can also install a specific version of the collection, for example, if you need to downgrade when something is broken in the latest version (please report any issues in this repository).

Use the following syntax to install version 0.1.0:

ansible-galaxy collection install kentik.ansible_eda:==1.0.1

See using Ansible Content Collections for more details.

Next steps

For more information see Kentik, Event-Driven Ansible and Ansible-Rulebook documentation. Or, join the Kentik Community on Slack.

Event-Driven Ansible at a glance

Leverage a robust, integrated platform

Utilize Event-Driven Ansible to enhance efficiency and deliver precise IT services. Select either manual or automatic automation styles for specific tasks using one comprehensive platform.

Foster innovation

Enable teams to focus on their most important and impactful work. Increase business value delivered by IT through various channels like applications, networks, cloud services and edge computing.

Enhance speed and efficiency

Quickly tackle problems before they escalate into serious issues. Improve average resolution times and decrease the effort spent on mundane tasks, freeing up resources for more critical priorities.

Offer flexible implementation

Apply Event-Driven Ansible flexibly across different requirements. Integrate multiple event sources and use YAML to craft conditional rules that execute actions as needed, including the ability to leverage existing playbooks or templates.

Streamline IT adaptability

Use a singular automation platform to standardize repetitive operations across networking, edge technology, infrastructure, DevOps, security and cloud environments.

Maintain consistency

Encode team expertise in Ansible Rulebooks to facilitate consistent action every time. Reduce the likelihood of human errors commonly associated with repetitive tasks and fatigue, and tackle configuration discrepancies promptly.

Learn more about Event-Driven Ansible here.
