Check the documentation added in:
ansible_burp_reports deploy and maintenance role.
This roles builds burp_reports version specified on defaults/main.yml. Also configures it to get it working and maintained in a centralized way.
Burp-ui working and var defined in your group_vars/group Recommended: ansible_burpui_server and ansible_burp2_server from CoffeeITWorks: /~
Try to not edit the role only for vars, all configurable vars are in defaults/main.yml so all of them can be set on group_vars/group or host_vars/host files.
First required:
burpui_apiurl: http://admin:admin@localhost:5000/api/
Not really required but you can customize all the following:
burp_report_days_outdated: 25
burp_report_conf: /etc/burp/burp-reports.conf
burp_conf_user: 'root'
burp_conf_group: 'root'
# /~
burp_report_inventory_input: None
burp_report_inventory_output: None # could be for example /var/www/html/inventory_central.csv
# Tests tasks
burp_report_test: false
report_outdated_special_time: 'weekly'
report_inventory_special_time: 'weekly'
burp_report_emails_notes: 'some useful notes to change'
burp_report_emails_to: root@localhost
burp_report_emails_from: burpserver@localhost
burp_excluded_clients: 'agent,monitor'
smtp_relay: 'localhost'
smtp_port: 25
smtp_mode: 'normal'
smtp_login: ''
smtp_password: ''
## burp-reports installation packages:
# doc: /~
# This example is the variable that setups the burp_reports version:
- name: burp_reports
version: 1.2.4
Optional prepare templates and schedule jobs.
# Optional cron jobs, example with template generated to send status through nsca
- name: 'burp-reports inventory nsca'
job: '/usr/local/bin/burp-reports-nsca'
day: "*"
hour: "*"
minute: "*/10"
month: "*"
weekday: "*"
# Optional generation of nsca scripts
- script: '/usr/local/bin/burp-reports-nsca'
command: '/usr/local/bin/burp-reports -c {{ burp_report_conf }} --report inventory -i {{ burp_report_inventory_input }} -o {{ burp_report_inventory_output }}'
nagios_service: 'burp_reports_status'
To use it you will need a nagios config service for burp-reports server name, ex:
define service {
service_description burp_reports_status
use generic-service
passive_checks_enabled 1
max_check_attempts 1
active_checks_enabled 0
notification_interval 60
check_freshness 1
freshness_threshold 7200 ; 2 hour threshold, without cron execution will execute check_command
check_command no-burp-reports
# set the contact group
# contact_groups {{ contact_group }}
flap_detection_enabled 0
define command {
command_name no-burp-reports
command_line /usr/local/nagios/libexec/check_dummy 2 "burp-reports was not executed in time"
config_burp_reports_cron: if you want to change some cron task test_burp_reports: tests commands, all configuration should be already done.
- hosts: servers
environment: "{{ proxy_env }}"
- { role: common, tags: ["role_all", "role"] }
environment is not required!, only is an example in case you are behind a firewall. If that's you case, add the proxy var to you group_vars/all. Example of that vars is at: /~
This role was main developed by Pablo Estigarribia (pablodav at gmail)
Main page:
Main page: