Table of Contents Link to heading
- Using AWX for Scheduled Playbook Execution
- Event-Driven Network Troubleshooting with Ansible
- Monitoring Network Health with AWX Dashboards
Using AWX for Scheduled Playbook Execution Link to heading
Once AWX is installed, configure an inventory, import your playbooks, and schedule automation workflows.
- Create an inventory:
- Navigate to Inventories โ Add New Inventory โ Define Hosts.
- Import playbooks:
- Connect AWX to a Git repository or upload playbooks manually.
- Schedule playbook execution:
- Navigate to Templates โ Add Playbook Template โ Configure execution settings.
- Enable scheduled jobs for recurring automation.
Example: Automating Network Backups via AWX Scheduler Link to heading
Instead of running backups manually, AWX can schedule playbooks at regular intervals.
Scheduled Playbook for Network Configuration Backup Link to heading
- name: Backup Network Configuration
hosts: routers
tasks:
- name: Retrieve Running Config
cisco.ios.ios_command:
commands:
- show running-config
register: running_config
- name: Store Config in Backup Directory
copy:
content: "{{ running_config.stdout_lines }}"
dest: "/backups/{{ inventory_hostname }}-config.txt"
Setting Up the Playbook in AWX Link to heading
- Upload this playbook to AWX’s Git-integrated repository.
- Create an execution template for backups.
- Set a schedule (e.g., every Sunday at midnight).
- AWX will automatically execute the backup without manual intervention.
Event-Driven Network Troubleshooting with Ansible Link to heading
Ansible can trigger troubleshooting playbooks when network failures occur using event-driven automation.
Example: Automatic Troubleshooting Based on Ping Failures Link to heading
This playbook pings all routers, and if a failure is detected, Ansible automatically collects troubleshooting data.
- name: Automated Network Troubleshooting
hosts: routers
tasks:
- name: Ping Network Devices
ping:
register: ping_status
- name: Run Diagnostics if Ping Fails
block:
- name: Gather Routing Table
cisco.ios.ios_command:
commands:
- show ip route
register: routing_table
- name: Check Interface Status
cisco.ios.ios_command:
commands:
- show ip interface brief
register: interfaces
- name: Log Output
copy:
content:
- "Routing Table: {{ routing_table.stdout_lines }}"
- "Interfaces: {{ interfaces.stdout_lines }}"
dest: "/logs/troubleshooting_{{ inventory_hostname }}.log"
when: ping_status.failed
Integrating Event-Driven Automation with AWX Link to heading
- Use AWX’s API to trigger troubleshooting playbooks.
- Set up Webhooks with monitoring tools (e.g., Zabbix, Prometheus).
- Whenever a device goes offline, AWX will automatically trigger the diagnostics playbook.
Example: Automatic Security Response Link to heading
If unauthorised IP access is detected, AWX executes a firewall rule to block the IP.
- name: Block Unauthorised IP Addresses
hosts: firewalls
tasks:
- name: Retrieve Active Connections
cisco.ios.ios_command:
commands:
- show conn
register: active_connections
- name: Block Suspicious IPs
cisco.ios.ios_acl:
name: BLOCK_INTRUSION
entries:
- sequence: 10
action: deny
protocol: tcp
src: "{{ active_connections.stdout_lines | regex_findall('[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+') }}"
dest: any
dport: 22
Triggering This Playbook Automatically Using AWX Link to heading
- Set up AWX Webhooks
- Enable AWX Webhooks to listen for security alerts (e.g., failed SSH login attempts).
- If an intrusion is detected, AWX automatically runs the firewall blocking playbook.
- Integrate AWX with security tools (Splunk, ELK Stack) for threat monitoring.
- Integrate with SIEM Tools
- Connect AWX to Splunk, ELK Stack, or Security Event Monitors.
- Automate security incident reports when attacks happen.
Run the playbook manually:
ansible-playbook block_intrusion.yml -i inventory.ini
Automating Troubleshooting Events Link to heading
Configure AWX Job Templates for automatic log collection when connectivity issues arise.
- Example: If a monitoring tool detects a router failure, AWX will trigger troubleshooting automatically.
Monitoring Network Health with AWX Dashboards Link to heading
AWX provides a centralised dashboard to track network automation tasks, device health, and playbook execution status.
Setting Up AWX for Network Monitoring Link to heading
To create a network monitoring dashboard using AWX:
Enable Job Status Tracking
- AWX logs playbook execution results in the dashboard.
- Monitor which automation tasks succeed or fail.
Connect to Monitoring Tools
- Use AWX’s API to integrate Zabbix, Prometheus, or Grafana.
- Create alerts for failed playbook executions.
Automate Remediation Playbooks
- If a monitoring tool detects device failures, AWX triggers Ansible playbooks automatically.
- Example: If a router fails, AWX runs a troubleshooting playbook instantly.
Example: Monitoring Network Configuration Changes Link to heading
This playbook detects unauthorised config changes and logs differences.
- name: Monitor Network Configurations
hosts: routers
tasks:
- name: Retrieve Running Config
cisco.ios.ios_command:
commands:
- show running-config
register: current_config
- name: Compare with Previous Backup
command: diff /backups/{{ inventory_hostname }}-config.txt /tmp/current_config.txt
register: diff_output
ignore_errors: yes
- name: Log Unauthorised Changes
copy:
content: "{{ diff_output.stdout_lines }}"
dest: "/logs/config_change_{{ inventory_hostname }}.log"
when: diff_output.stdout_lines | length > 0
Automating This Workflow in AWX Link to heading
- Upload the playbook into AWX
- Schedule execution every 6 hours
- Enable alerts for unauthorised changes
- Use AWX’s REST API to notify security teams