diff --git a/pyproject.toml b/pyproject.toml index dbc61c7fa..5086da568 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -1,34 +1,32 @@ [tool.poetry] name = "attack-range" -version = "3.1.0" +version = "3.1.2" description = "" authors = ["P4T12ICK "] [tool.poetry.dependencies] -python = "^3.8" -ansible = "^5.6.0" +python = "^3.10" +ansible = "^10.3.0" pywinrm = "^0.4.2" -PyYAML = "^6.0" +PyYAML = "^6.0.2" colorama = "^0.4.4" python-terraform = "^0.10.1" tabulate = "^0.8.9" -boto3 = "^1.22.6" -atomic-operator = "^0.8.5" -ansible-runner = "^2.2.0" -azure-mgmt-resource = "^21.1.0" -azure-mgmt-network = "^19.3.0" -azure-mgmt-compute = "^26.1.0" -azure-identity = "^1.10.0" -splunk-sdk = "^1.6.19" -urllib3 = "^1.26.9" -pycryptodome = "^3.14.1" -questionary = "^1.10.0" -Jinja2 = "^3.1.2" +boto3 = "^1.35.10" +atomic-operator = "^0.9.0" +ansible-runner = "^2.4.0" +azure-mgmt-resource = "^23.1.1" +azure-mgmt-network = "^26.0.0" +azure-mgmt-compute = "^33.0.0" +azure-identity = "^1.17.1" +splunk-sdk = "^2.0.2" +urllib3 = "^2.2.2" +pycryptodome = "^3.20.0" +questionary = "^2.0.1" +Jinja2 = "^3.1.4" python-vagrant = "^1.0.0" - -# Fix issue with docutils ".post1" release -# https://github.com/python-poetry/poetry/issues/9293#issuecomment-2048205226 gitpython = "^3.1.43" + [[tool.poetry.source]] name = "pypi-public" url = "https://pypi.org/simple/" diff --git a/scripts/helpers/attack_range_apps.py b/scripts/helpers/attack_range_apps.py index dd6bbb260..e6c7dfe8a 100644 --- a/scripts/helpers/attack_range_apps.py +++ b/scripts/helpers/attack_range_apps.py @@ -59,6 +59,10 @@ "name": "Snort 3 JSON Alerts", "url": "https://splunkbase.splunk.com/app/4633", }, + { + "name": "VMware Carbon Black Cloud", + "url": "https://splunkbase.splunk.com/app/5332", + }, ] ATTACK_RANGE_LOCAL_APPS = [ diff --git a/terraform/ansible/roles/azure_logging/tasks/main.yml b/terraform/ansible/roles/azure_logging/tasks/main.yml index dbeeb8073..1318f830e 100644 --- a/terraform/ansible/roles/azure_logging/tasks/main.yml +++ b/terraform/ansible/roles/azure_logging/tasks/main.yml @@ -1,4 +1,4 @@ --- -- include: azure_logging.yml +- include_tasks: azure_logging.yml when: general.cloud_provider == "azure" \ No newline at end of file diff --git a/terraform/ansible/roles/carbon_black_cloud_logs/tasks/main.yml b/terraform/ansible/roles/carbon_black_cloud_logs/tasks/main.yml index 779a355a0..18b4f0f8a 100644 --- a/terraform/ansible/roles/carbon_black_cloud_logs/tasks/main.yml +++ b/terraform/ansible/roles/carbon_black_cloud_logs/tasks/main.yml @@ -1,4 +1,4 @@ --- -- include: config.yml +- include_tasks: config.yml when: general.carbon_black_cloud == "1" \ No newline at end of file diff --git a/terraform/ansible/roles/cisco_secure_endpoint_logs/tasks/main.yml b/terraform/ansible/roles/cisco_secure_endpoint_logs/tasks/main.yml index a81a6adcd..0b0a96d0f 100644 --- a/terraform/ansible/roles/cisco_secure_endpoint_logs/tasks/main.yml +++ b/terraform/ansible/roles/cisco_secure_endpoint_logs/tasks/main.yml @@ -1,4 +1,4 @@ --- -- include: config.yml +- include_tasks: config.yml when: general.cisco_secure_endpoint == "1" \ No newline at end of file diff --git a/terraform/ansible/roles/cloudtrail_logs/tasks/main.yml b/terraform/ansible/roles/cloudtrail_logs/tasks/main.yml index bc67e6ec3..9a289dcee 100644 --- a/terraform/ansible/roles/cloudtrail_logs/tasks/main.yml +++ b/terraform/ansible/roles/cloudtrail_logs/tasks/main.yml @@ -1,4 +1,4 @@ --- -- include: configure_inputs.yml +- include_tasks: configure_inputs.yml when: general.cloud_provider == "aws" \ No newline at end of file diff --git a/terraform/ansible/roles/contentctl/tasks/main.yml b/terraform/ansible/roles/contentctl/tasks/main.yml index 092da63c7..506940ffc 100644 --- a/terraform/ansible/roles/contentctl/tasks/main.yml +++ b/terraform/ansible/roles/contentctl/tasks/main.yml @@ -1,7 +1,7 @@ --- -- include: docker.yml +- include_tasks: docker.yml when: general.install_contentctl == "1" -- include: contentctl.yml +- include_tasks: contentctl.yml when: general.install_contentctl == "1" \ No newline at end of file diff --git a/terraform/ansible/roles/create_domain_controller/tasks/main.yml b/terraform/ansible/roles/create_domain_controller/tasks/main.yml index a38dc63e9..6b954625b 100644 --- a/terraform/ansible/roles/create_domain_controller/tasks/main.yml +++ b/terraform/ansible/roles/create_domain_controller/tasks/main.yml @@ -1,3 +1,3 @@ -- include: windows-create-domain.yml +- include_tasks: windows-create-domain.yml when: windows_servers.create_domain == "1" \ No newline at end of file diff --git a/terraform/ansible/roles/create_domain_controller/tasks/windows-create-domain.yml b/terraform/ansible/roles/create_domain_controller/tasks/windows-create-domain.yml index aec54e323..d4cf1a372 100644 --- a/terraform/ansible/roles/create_domain_controller/tasks/windows-create-domain.yml +++ b/terraform/ansible/roles/create_domain_controller/tasks/windows-create-domain.yml @@ -4,8 +4,8 @@ win_feature: name: DNS state: present - include_management_tools: yes - include_sub_features: yes + include_tasks_management_tools: yes + include_tasks_sub_features: yes register: _windows_dns_server - name: reboot | Rebooting Server @@ -29,8 +29,8 @@ - name: features | Installing AD Domain Services win_feature: name: AD-Domain-Services - include_management_tools: yes - include_sub_features: yes + include_tasks_management_tools: yes + include_tasks_sub_features: yes state: present - name: Creating a windows domain diff --git a/terraform/ansible/roles/crowdstrike_falcon_logging/tasks/main.yml b/terraform/ansible/roles/crowdstrike_falcon_logging/tasks/main.yml index 14e23898c..c96ba25b7 100644 --- a/terraform/ansible/roles/crowdstrike_falcon_logging/tasks/main.yml +++ b/terraform/ansible/roles/crowdstrike_falcon_logging/tasks/main.yml @@ -1,6 +1,6 @@ --- -- include: config.yml +- include_tasks: config.yml when: general.crowdstrike_falcon == "1" - name: restart splunk diff --git a/terraform/ansible/roles/guacamole/tasks/main.yml b/terraform/ansible/roles/guacamole/tasks/main.yml index befc4a8ef..8ffa0c96a 100644 --- a/terraform/ansible/roles/guacamole/tasks/main.yml +++ b/terraform/ansible/roles/guacamole/tasks/main.yml @@ -1,7 +1,7 @@ --- -- include: install_packages.yml -- include: setup_tomcat.yml -- include: guacamole_server.yml -- include: guacamole_client.yml -- include: guacamole_server_post.yml \ No newline at end of file +- include_tasks: install_packages.yml +- include_tasks: setup_tomcat.yml +- include_tasks: guacamole_server.yml +- include_tasks: guacamole_client.yml +- include_tasks: guacamole_server_post.yml \ No newline at end of file diff --git a/terraform/ansible/roles/join_domain/tasks/main.yaml b/terraform/ansible/roles/join_domain/tasks/main.yaml index 96be9ec1c..0e51d804e 100644 --- a/terraform/ansible/roles/join_domain/tasks/main.yaml +++ b/terraform/ansible/roles/join_domain/tasks/main.yaml @@ -1,9 +1,9 @@ -- include: create.yml +- include_tasks: create.yml when: windows_servers.join_domain == "1" and general.cloud_provider != "local" -- include: create_local.yml +- include_tasks: create_local.yml when: windows_servers.join_domain == "1" and general.cloud_provider == "local" -- include: windows-disable-firewall.yml +- include_tasks: windows-disable-firewall.yml when: windows_servers.join_domain == "1" \ No newline at end of file diff --git a/terraform/ansible/roles/linux_common/tasks/main.yml b/terraform/ansible/roles/linux_common/tasks/main.yml index 573f6a4ef..ab791db22 100644 --- a/terraform/ansible/roles/linux_common/tasks/main.yml +++ b/terraform/ansible/roles/linux_common/tasks/main.yml @@ -1,6 +1,6 @@ --- -#- include: set-hostname.yml -#- include: update_packages.yml -- include: disable-dnssec.yml -- include: disable-autoupgrade.yml -- include: update_sshd_config.yml \ No newline at end of file +#- include_tasks: set-hostname.yml +#- include_tasks: update_packages.yml +- include_tasks: disable-dnssec.yml +- include_tasks: disable-autoupgrade.yml +- include_tasks: update_sshd_config.yml \ No newline at end of file diff --git a/terraform/ansible/roles/linux_install_auditd/tasks/main.yml b/terraform/ansible/roles/linux_install_auditd/tasks/main.yml index 30ba0b111..32693ec2a 100644 --- a/terraform/ansible/roles/linux_install_auditd/tasks/main.yml +++ b/terraform/ansible/roles/linux_install_auditd/tasks/main.yml @@ -1,4 +1,4 @@ --- -- include: install_auditd.yml -- include: configure_inputs_splunk.yml \ No newline at end of file +- include_tasks: install_auditd.yml +- include_tasks: configure_inputs_splunk.yml \ No newline at end of file diff --git a/terraform/ansible/roles/linux_osquery/tasks/main.yml b/terraform/ansible/roles/linux_osquery/tasks/main.yml index 29d3b2b8e..2c46606a6 100644 --- a/terraform/ansible/roles/linux_osquery/tasks/main.yml +++ b/terraform/ansible/roles/linux_osquery/tasks/main.yml @@ -1,7 +1,7 @@ --- -- include: install_osquery_linux.yml -- include: collect_osquery_logs.yml +- include_tasks: install_osquery_linux.yml +- include_tasks: collect_osquery_logs.yml - name: Restart splunk uf become: true diff --git a/terraform/ansible/roles/linux_server_post/tasks/main.yml b/terraform/ansible/roles/linux_server_post/tasks/main.yml index fafeb3fda..74cbaffc2 100644 --- a/terraform/ansible/roles/linux_server_post/tasks/main.yml +++ b/terraform/ansible/roles/linux_server_post/tasks/main.yml @@ -1,3 +1,3 @@ --- -- include: change_splunk_password.yml \ No newline at end of file +- include_tasks: change_splunk_password.yml \ No newline at end of file diff --git a/terraform/ansible/roles/linux_sysmon/tasks/main.yml b/terraform/ansible/roles/linux_sysmon/tasks/main.yml index abc604903..45cb131b2 100644 --- a/terraform/ansible/roles/linux_sysmon/tasks/main.yml +++ b/terraform/ansible/roles/linux_sysmon/tasks/main.yml @@ -1,7 +1,7 @@ --- -- include: install_sysmon_linux.yml -- include: configure_inputs.yml +- include_tasks: install_sysmon_linux.yml +- include_tasks: configure_inputs.yml - name: Restart splunk uf become: true diff --git a/terraform/ansible/roles/linux_universal_forwarder/tasks/main.yml b/terraform/ansible/roles/linux_universal_forwarder/tasks/main.yml index 09146107b..cce9a0652 100644 --- a/terraform/ansible/roles/linux_universal_forwarder/tasks/main.yml +++ b/terraform/ansible/roles/linux_universal_forwarder/tasks/main.yml @@ -1,3 +1,3 @@ --- -- include: install_universal_forwarder.yml \ No newline at end of file +- include_tasks: install_universal_forwarder.yml \ No newline at end of file diff --git a/terraform/ansible/roles/nginx_web_proxy/tasks/main.yml b/terraform/ansible/roles/nginx_web_proxy/tasks/main.yml index 083cacce0..2731f6854 100644 --- a/terraform/ansible/roles/nginx_web_proxy/tasks/main.yml +++ b/terraform/ansible/roles/nginx_web_proxy/tasks/main.yml @@ -1,7 +1,7 @@ --- -- include: nginx_web_proxy.yml -- include: configure_inputs.yml +- include_tasks: nginx_web_proxy.yml +- include_tasks: configure_inputs.yml - name: Restart splunk uf become: true diff --git a/terraform/ansible/roles/phantom/tasks/main.yml b/terraform/ansible/roles/phantom/tasks/main.yml index 133194d8e..5a4ea4a7e 100644 --- a/terraform/ansible/roles/phantom/tasks/main.yml +++ b/terraform/ansible/roles/phantom/tasks/main.yml @@ -1,17 +1,17 @@ --- # This playbook contains common tasks in this role -- include: install_phantom_aws.yml +- include_tasks: install_phantom_aws.yml when: general.cloud_provider == "aws" -- include: install_phantom_azure.yml +- include_tasks: install_phantom_azure.yml when: general.cloud_provider == "azure" -- include: install_phantom_local.yml +- include_tasks: install_phantom_local.yml when: general.cloud_provider == "local" -- include: configure_phantom.yml +- include_tasks: configure_phantom.yml when: phantom_server.phantom_app | regex_search("splunk_soar-unpriv-6") -- include: configure_phantom_old.yml +- include_tasks: configure_phantom_old.yml when: phantom_server.phantom_app | regex_search("splunk_soar-unpriv-5") \ No newline at end of file diff --git a/terraform/ansible/roles/phantom_byo_splunk/tasks/main.yml b/terraform/ansible/roles/phantom_byo_splunk/tasks/main.yml index d0bdf57db..4aa6df82d 100644 --- a/terraform/ansible/roles/phantom_byo_splunk/tasks/main.yml +++ b/terraform/ansible/roles/phantom_byo_splunk/tasks/main.yml @@ -1,4 +1,4 @@ --- -- include: config.yml +- include_tasks: config.yml when: phantom_server.phantom_byo == "1" \ No newline at end of file diff --git a/terraform/ansible/roles/snort/tasks/main.yml b/terraform/ansible/roles/snort/tasks/main.yml index 392c67ac2..cc0068515 100644 --- a/terraform/ansible/roles/snort/tasks/main.yml +++ b/terraform/ansible/roles/snort/tasks/main.yml @@ -1,6 +1,6 @@ --- -- include: install_snort.yml -- include: configure_network_interface.yml -- include: configure_snort.yml -- include: configure_splunk_input.yml \ No newline at end of file +- include_tasks: install_snort.yml +- include_tasks: configure_network_interface.yml +- include_tasks: configure_snort.yml +- include_tasks: configure_splunk_input.yml \ No newline at end of file diff --git a/terraform/ansible/roles/splunk_byo_linux/tasks/main.yml b/terraform/ansible/roles/splunk_byo_linux/tasks/main.yml index 9a8de66fc..deb07677f 100644 --- a/terraform/ansible/roles/splunk_byo_linux/tasks/main.yml +++ b/terraform/ansible/roles/splunk_byo_linux/tasks/main.yml @@ -1,4 +1,4 @@ --- -- include: config.yml +- include_tasks: config.yml when: splunk_server.byo_splunk == "1" \ No newline at end of file diff --git a/terraform/ansible/roles/splunk_byo_windows/tasks/main.yml b/terraform/ansible/roles/splunk_byo_windows/tasks/main.yml index 9a8de66fc..deb07677f 100644 --- a/terraform/ansible/roles/splunk_byo_windows/tasks/main.yml +++ b/terraform/ansible/roles/splunk_byo_windows/tasks/main.yml @@ -1,4 +1,4 @@ --- -- include: config.yml +- include_tasks: config.yml when: splunk_server.byo_splunk == "1" \ No newline at end of file diff --git a/terraform/ansible/roles/splunk_server/tasks/main.yml b/terraform/ansible/roles/splunk_server/tasks/main.yml index 46a7f605d..865ae6278 100644 --- a/terraform/ansible/roles/splunk_server/tasks/main.yml +++ b/terraform/ansible/roles/splunk_server/tasks/main.yml @@ -1,23 +1,23 @@ --- # This playbook contains common tasks in this role -- include: splunk.yml -- include: configure_inputs.yml -- include: configure_indexes.yml -- include: configure_limits.yml -- include: configure_web_conf.yml -- include: configure_server_conf.yml -- include: create_serverclass.yml +- include_tasks: splunk.yml +- include_tasks: configure_inputs.yml +- include_tasks: configure_indexes.yml +- include_tasks: configure_limits.yml +- include_tasks: configure_web_conf.yml +- include_tasks: configure_server_conf.yml +- include_tasks: create_serverclass.yml - name: Convert splunk_apps string to list set_fact: splunk_apps_list: "{{ splunk_server.splunk_apps.split(',') }}" -- include: install_app_from_s3.yml +- include_tasks: install_app_from_s3.yml with_items: "{{ splunk_apps_list }}" -- include: configure_attack_range_dashboard.yml -- include: configure_escu.yml -- include: configure_props.yml -- include: configure_cim.yml -- include: configure_phantom.yml \ No newline at end of file +- include_tasks: configure_attack_range_dashboard.yml +- include_tasks: configure_escu.yml +- include_tasks: configure_props.yml +- include_tasks: configure_cim.yml +- include_tasks: configure_phantom.yml \ No newline at end of file diff --git a/terraform/ansible/roles/splunk_server_post/tasks/main.yml b/terraform/ansible/roles/splunk_server_post/tasks/main.yml index a3370089d..729e63dc8 100644 --- a/terraform/ansible/roles/splunk_server_post/tasks/main.yml +++ b/terraform/ansible/roles/splunk_server_post/tasks/main.yml @@ -4,19 +4,19 @@ hostname: name: "{{ hostname }}" -- include: change_splunk_password.yml +- include_tasks: change_splunk_password.yml -- include: phantom_server_configure.yml +- include_tasks: phantom_server_configure.yml when: phantom_server.phantom_server == "1" and not general.cloud_provider == "local" -- include: phantom_server_configure_local.yml +- include_tasks: phantom_server_configure_local.yml when: phantom_server.phantom_server == "1" and general.cloud_provider == "local" -- include: install_enterprise_security.yml +- include_tasks: install_enterprise_security.yml when: splunk_server.install_es == "1" -- include: install_botsv3_dataset.yml +- include_tasks: install_botsv3_dataset.yml when: splunk_server.ingest_bots3_data == "1" -- include: install_dltk.yml +- include_tasks: install_dltk.yml when: splunk_server.install_dltk == "1" \ No newline at end of file diff --git a/terraform/ansible/roles/sysmon/tasks/main.yml b/terraform/ansible/roles/sysmon/tasks/main.yml index c6440e813..6864cb480 100644 --- a/terraform/ansible/roles/sysmon/tasks/main.yml +++ b/terraform/ansible/roles/sysmon/tasks/main.yml @@ -8,8 +8,8 @@ - 'c:\Program Files\ansible' - 'c:\ProgramData\ansible\log' -- include: windows-sysmon.yml -- include: windows-logging-registry.yml +- include_tasks: windows-sysmon.yml +- include_tasks: windows-logging-registry.yml - name: 'Reboot server' win_reboot: diff --git a/terraform/ansible/roles/update_sysmon_config/tasks/main.yml b/terraform/ansible/roles/update_sysmon_config/tasks/main.yml index d1e721f48..e957182a8 100644 --- a/terraform/ansible/roles/update_sysmon_config/tasks/main.yml +++ b/terraform/ansible/roles/update_sysmon_config/tasks/main.yml @@ -1,4 +1,4 @@ --- -- include: windows-sysmon.yml +- include_tasks: windows-sysmon.yml when: windows_servers.win_sysmon_config != "SwiftOnSecurity.xml" diff --git a/terraform/ansible/roles/update_sysmon_config_linux/tasks/main.yml b/terraform/ansible/roles/update_sysmon_config_linux/tasks/main.yml index 8b327c5d7..45d03d84f 100644 --- a/terraform/ansible/roles/update_sysmon_config_linux/tasks/main.yml +++ b/terraform/ansible/roles/update_sysmon_config_linux/tasks/main.yml @@ -1,4 +1,4 @@ --- -- include: update_sysmon_config.yml +- include_tasks: update_sysmon_config.yml when: linux_servers.sysmon_config != "SysMonLinux-CatchAll.xml" \ No newline at end of file diff --git a/terraform/ansible/roles/windows_aurora_agent/tasks/main.yml b/terraform/ansible/roles/windows_aurora_agent/tasks/main.yml index 7159485d1..a446a6aab 100644 --- a/terraform/ansible/roles/windows_aurora_agent/tasks/main.yml +++ b/terraform/ansible/roles/windows_aurora_agent/tasks/main.yml @@ -1,5 +1,5 @@ --- -- include: install_aurora_agent.yml +- include_tasks: install_aurora_agent.yml when: windows_servers.aurora_agent == "1" diff --git a/terraform/ansible/roles/windows_common/tasks/main.yml b/terraform/ansible/roles/windows_common/tasks/main.yml index 94c51757e..57eaa2802 100644 --- a/terraform/ansible/roles/windows_common/tasks/main.yml +++ b/terraform/ansible/roles/windows_common/tasks/main.yml @@ -1,10 +1,10 @@ --- -- include: windows-disable-defender.yml -- include: windows-enable-ps-logging.yml -- include: windows-enable-4688-cmd-line-audit.yml -- include: install_choco.yml -- include: install_app_chocolatey.yml +- include_tasks: windows-disable-defender.yml +- include_tasks: windows-enable-ps-logging.yml +- include_tasks: windows-enable-4688-cmd-line-audit.yml +- include_tasks: install_choco.yml +- include_tasks: install_app_chocolatey.yml with_items: - "firefox" - "git" @@ -12,6 +12,6 @@ - "7zip" - "adobereader" - "python" -- include: advanced_logging.yml +- include_tasks: advanced_logging.yml when: windows_servers.advanced_logging == "1" diff --git a/terraform/ansible/roles/windows_common/tasks/windows-enable-4688-cmd-line-audit.yml b/terraform/ansible/roles/windows_common/tasks/windows-enable-4688-cmd-line-audit.yml index 6d890df80..ad7d520e9 100644 --- a/terraform/ansible/roles/windows_common/tasks/windows-enable-4688-cmd-line-audit.yml +++ b/terraform/ansible/roles/windows_common/tasks/windows-enable-4688-cmd-line-audit.yml @@ -4,7 +4,7 @@ ignore_errors: yes win_regedit: key: "HKLM:\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Audit" - value: ProcessCreationIncludeCmdLine_Enabled + value: ProcessCreationinclude_tasksCmdLine_Enabled datatype: dword data: 1 diff --git a/terraform/ansible/roles/windows_universal_forwarder/tasks/main.yml b/terraform/ansible/roles/windows_universal_forwarder/tasks/main.yml index dcf0851b1..c5ee52507 100644 --- a/terraform/ansible/roles/windows_universal_forwarder/tasks/main.yml +++ b/terraform/ansible/roles/windows_universal_forwarder/tasks/main.yml @@ -1,12 +1,12 @@ -- include: install_splunk_uf.yml -#- include: create_deploymentclient.yml -- include: configure_outputs.yml -- include: collect_powershell_logs.yml -- include: collect_attack_simulation_logs.yml -- include: collect_sysmon_logs.yml -- include: collect_windows_event_logs.yml -- include: collect_aurora_agent_logs.yml +- include_tasks: install_splunk_uf.yml +#- include_tasks: create_deploymentclient.yml +- include_tasks: configure_outputs.yml +- include_tasks: collect_powershell_logs.yml +- include_tasks: collect_attack_simulation_logs.yml +- include_tasks: collect_sysmon_logs.yml +- include_tasks: collect_windows_event_logs.yml +- include_tasks: collect_aurora_agent_logs.yml - name: Restart splunk win_command: splunk.exe restart diff --git a/terraform/ansible/roles/zeek_sensor/tasks/main.yml b/terraform/ansible/roles/zeek_sensor/tasks/main.yml index 168e4d00f..766dd0f6a 100644 --- a/terraform/ansible/roles/zeek_sensor/tasks/main.yml +++ b/terraform/ansible/roles/zeek_sensor/tasks/main.yml @@ -1,3 +1,3 @@ --- -- include: zeek.yml -- include: splunkuf.yml +- include_tasks: zeek.yml +- include_tasks: splunkuf.yml