This basic Ansible role is used to setup Moloch on a single server instance. The motivation to create this role was to create an automated setup of a Malware Analysis Lab in conjunction with the Cuckoo Sandbox.
This role was only tested on Ubuntu 18.04, but should work on all Debian based systems which are supported by Moloch.
The following variables are available:
moloch_deb_url: "https://files.molo.ch/builds/ubuntu-18.04/moloch_1.5.3-1_amd64.deb"
moloch_interface: eth0
moloch_password: SomeRandomString
moloch_admin_password: SomeOtherRandomString
Change the URL which is used to get the deb package for Moloch if you require a different version or if you are installing it on another OS than Ubuntu 18.04.
The interface Moloch will listen for traffic
The password which is used to encrypt S2S and other things.
The admin users's password
-
hosts: sandboxes
roles:
-
role: ansible-role-moloch
tags: role-moloch
- Configure the role variables in your group or host vars
- Put the role into a playbook
- Run the playbook
- Access the web interface on http://:8005 with user "admin" and the password defined in
moloch_admin_password