Let's say you have the following playbook which will create the /tmp/foo.txt file and display the JSON output.
---
- hosts: localhost
tasks:
- name: create /tmp/foo.txt
file:
path: /tmp/foo.txt
state: touch
register: out
- debug:
var: out
...
By default, the default Ansible configuration file (/etc/ansible/ansible.cfg) has log_path commented out.
#log_path = /var/log/ansible.log
When commented out, Ansible will log events to the machines syslog (system log daemon). As an example, syslog may write Ansible events to the /var/log/messages file.
Mar 22 12:55:08 [localhost] ansible-command: Invoked with creates=None executable=None _uses_shell=True strip_empty_ends=True _raw_params=ping -c4 127.0.0.1 removes=None argv=None warn=True chdir=None stdin_add_newline=True stdin=None
There are a number of ways to configure Ansible to log events to a log file, where the higher option in this list will take precedence over the lower option.
- ANSIBLE_LOG_PATH variable
- log_path in ansible.cfg in the present working directory
- log_path in .ansible.cfg in the user home directory (e.g. /home/john.doe/.ansible.cfg)
- log_path in /etc/ansible/ansible.cfg
ANSIBLE_LOG_PATH variable
Here is how you could set the log path using the ANSIBLE_LOG_PATH variable on a Linux system. Be aware that you would need to issue the export command before issuing the ansible-playbook command.
export ANSIBLE_LOG_PATH=/home/john.doe/ansible.log
ansible-playbook test.yml
Or, you can include this in your users hidden .bash_profile file (e.g. /home/john.doe/.bash_profile) to make this setting permanent.
~]$ cat /home/john.doe/.bash_profile
if [ -f ~/.bashrc ]; then
. ~/.bashrc
fi
export ANSIBLE_LOG_PATH=/home/$USER/ansible.log
While it seems to be possible to set ANSIBLE_LOG_PATH as an environment variable in a playbook, what I observed is that this would create the log file but no events would be appended to the log file.
---
- hosts: localhost
environment:
ANSIBLE_LOG_PATH: /home/$(whoami)/ansible.log
tasks:
- name: create /tmp/foo.txt
file:
path: /tmp/foo.txt
state: touch
register: out
- debug:
var: out
...
log_path directive
Define the log_path directive in your Ansible configuration file (ansible.cfg), where the higher option in this list will take precedence over the lower options.
- log_path in ansible.cfg in the present working directory
- log_path in .ansible.cfg in the user home directory (e.g. /home/john.doe/.ansible.cfg)
- log_path in /etc/ansible/ansible.cfg
In this example, Ansible will start to log events to /var/log/ansible.log.
log_path = /var/log/ansible.log
AVOID TROUBLE
If you are using your own ansible.cfg file (e.g. /home/john.doe/ansible.cfg) instead of the global /etc/ansible/ansible.cfg file, the log_path directive must be under the [defaults] header.
Create and rotate the log file
You may need to create the log file and update the permission so that it has the write permission for user, group and other. You may want to also configure logrotate to rotate the log files.
touch /var/log/ansible.log
chmod 0666 /var/log/ansible.log
ansible.log should have something like this.
PLAY [localhost]
TASK [create /tmp/foo.txt]
changed: [localhost]
TASK [debug]
ok: [localhost] => {
"out": {
"changed": true,
"dest": "/tmp/bar.txt",
"diff": {
"after": {
"atime": 1673502951.122303,
"mtime": 1673502951.122303,
"path": "/tmp/bar.txt",
"state": "touch"
},
"before": {
"atime": 1673502951.1182466,
"mtime": 1673502951.1182466,
"path": "/tmp/bar.txt",
"state": "absent"
}
},
"failed": false,
"gid": 100,
"group": "users",
"mode": "0644",
"owner": "john.doe",
"secontext": "unconfined_u:object_r:user_tmp_t:s0",
"size": 0,
"state": "file",
"uid": 65234
}
}
PLAY RECAP
localhost : ok=1 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
Did you find this article helpful?
If so, consider buying me a coffee over at 