From 7a9c910c233793e5f3c7a1c59d3afe439c0af6de Mon Sep 17 00:00:00 2001 
From: Stefan Thierolf Date: Sat, 28 Dec 2024 20:10:53 +0100 Subject: [PATCH] transfer from github --- ansible/debian-graylog-example/README.md | 9 +++ .../inventory/group_vars/debian_linux.yaml | 8 +++ .../host_vars/debian-test.example.com.yaml | 11 ++++ .../inventory/inventory.yaml | 9 +++ .../playbooks/deploy_debian_test,yaml | 7 +++ .../graylog-sidecar-repository_1-5_all.deb | 2 + .../roles/handlers/main.yaml | 7 +++ .../roles/tasks/main.yaml | 10 ++++ .../roles/tasks/task_01_install_graylog.yaml | 41 +++++++++++++ .../tasks/task_02_configure_graylog.yaml | 31 ++++++++++ .../roles/templates/node-id.j2 | 1 + .../roles/templates/sidecar.yaml.j2 | 29 +++++++++ .../roles/vars/main.yaml | 11 ++++ ansible/windows-graylog-example/README.md | 9 +++ .../group_vars/microsoft_windows.yaml | 10 ++++ .../host_vars/win-test.example.com.yaml | 11 ++++ .../inventory/inventory.yaml | 9 +++ .../playbooks/deploy_win-test.yaml | 7 +++ .../graylog_sidecar_installer_1.5.0-1.exe | 2 + .../roles/windows/graylog/handlers/main.yaml | 7 +++ .../roles/windows/graylog/tasks/main.yaml | 10 ++++ .../tasks/task_01_install_graylog.yaml | 31 ++++++++++ .../tasks/task_02_configure_graylog.yaml | 33 ++++++++++ .../windows/graylog/templates/node-id.j2 | 1 + .../windows/graylog/templates/sidecar.yaml.j2 | 26 ++++++++ .../roles/windows/graylog/vars/main.yaml | 11 ++++ .../README.md | 9 +++ .../group_vars/microsoft_windows.yaml | 9 +++ .../host_vars/win-test.example.com.yaml | 30 ++++++++++ .../inventory/inventory.yaml | 8 +++ .../playbooks/deploy_win-test.yaml | 7 +++ .../files/NSCP-0.5.3.4-x64.msi | 2 + .../nsclientplusplus/handlers/main.yaml | 7 +++ .../windows/nsclientplusplus/tasks/main.yaml | 10 ++++ .../task_01_install_nsclientplusplus.yaml | 39 ++++++++++++ .../task_02_configure_nsclientplusplus.yaml | 57 ++++++++++++++++++ .../templates/nsclient.ini.j2 | 60 +++++++++++++++++++ .../windows/nsclientplusplus/vars/main.yaml | 14 +++++ ansible/windows-snmp-example/README.md | 9 +++ 
.../group_vars/microsoft_windows.yaml | 10 ++++ .../host_vars/win-test.example.com.yaml | 8 +++ .../inventory/inventory.yaml | 9 +++ .../playbooks/deploy_win-test.yaml | 8 +++ .../roles/windows/snmp/main.yaml | 12 ++++ .../windows/snmp/task_01_install_snmp.yaml | 26 ++++++++ .../windows/snmp/task_02_config_sysinfo.yaml | 13 ++++ .../windows/snmp/task_03_config_firewall.yaml | 16 +++++ 47 files changed, 706 insertions(+) create mode 100644 ansible/debian-graylog-example/README.md create mode 100644 ansible/debian-graylog-example/inventory/group_vars/debian_linux.yaml create mode 100644 ansible/debian-graylog-example/inventory/host_vars/debian-test.example.com.yaml create mode 100644 ansible/debian-graylog-example/inventory/inventory.yaml create mode 100644 ansible/debian-graylog-example/playbooks/deploy_debian_test,yaml create mode 100644 ansible/debian-graylog-example/roles/files/graylog-sidecar-repository_1-5_all.deb create mode 100644 ansible/debian-graylog-example/roles/handlers/main.yaml create mode 100644 ansible/debian-graylog-example/roles/tasks/main.yaml create mode 100644 ansible/debian-graylog-example/roles/tasks/task_01_install_graylog.yaml create mode 100644 ansible/debian-graylog-example/roles/tasks/task_02_configure_graylog.yaml create mode 100644 ansible/debian-graylog-example/roles/templates/node-id.j2 create mode 100644 ansible/debian-graylog-example/roles/templates/sidecar.yaml.j2 create mode 100644 ansible/debian-graylog-example/roles/vars/main.yaml create mode 100644 ansible/windows-graylog-example/README.md create mode 100644 ansible/windows-graylog-example/inventory/group_vars/microsoft_windows.yaml create mode 100644 ansible/windows-graylog-example/inventory/host_vars/win-test.example.com.yaml create mode 100644 ansible/windows-graylog-example/inventory/inventory.yaml create mode 100644 ansible/windows-graylog-example/playbooks/deploy_win-test.yaml create mode 100644 
ansible/windows-graylog-example/roles/windows/graylog/files/graylog_sidecar_installer_1.5.0-1.exe create mode 100644 ansible/windows-graylog-example/roles/windows/graylog/handlers/main.yaml create mode 100644 ansible/windows-graylog-example/roles/windows/graylog/tasks/main.yaml create mode 100644 ansible/windows-graylog-example/roles/windows/graylog/tasks/task_01_install_graylog.yaml create mode 100644 ansible/windows-graylog-example/roles/windows/graylog/tasks/task_02_configure_graylog.yaml create mode 100644 ansible/windows-graylog-example/roles/windows/graylog/templates/node-id.j2 create mode 100644 ansible/windows-graylog-example/roles/windows/graylog/templates/sidecar.yaml.j2 create mode 100644 ansible/windows-graylog-example/roles/windows/graylog/vars/main.yaml create mode 100644 ansible/windows-nsclientplusplus-example/README.md create mode 100644 ansible/windows-nsclientplusplus-example/inventory/group_vars/microsoft_windows.yaml create mode 100644 ansible/windows-nsclientplusplus-example/inventory/host_vars/win-test.example.com.yaml create mode 100644 ansible/windows-nsclientplusplus-example/inventory/inventory.yaml create mode 100644 ansible/windows-nsclientplusplus-example/playbooks/deploy_win-test.yaml create mode 100644 ansible/windows-nsclientplusplus-example/roles/windows/nsclientplusplus/files/NSCP-0.5.3.4-x64.msi create mode 100644 ansible/windows-nsclientplusplus-example/roles/windows/nsclientplusplus/handlers/main.yaml create mode 100644 ansible/windows-nsclientplusplus-example/roles/windows/nsclientplusplus/tasks/main.yaml create mode 100644 ansible/windows-nsclientplusplus-example/roles/windows/nsclientplusplus/tasks/task_01_install_nsclientplusplus.yaml create mode 100644 ansible/windows-nsclientplusplus-example/roles/windows/nsclientplusplus/tasks/task_02_configure_nsclientplusplus.yaml create mode 100644 ansible/windows-nsclientplusplus-example/roles/windows/nsclientplusplus/templates/nsclient.ini.j2 create mode 100644 
ansible/windows-nsclientplusplus-example/roles/windows/nsclientplusplus/vars/main.yaml create mode 100644 ansible/windows-snmp-example/README.md create mode 100644 ansible/windows-snmp-example/inventory/group_vars/microsoft_windows.yaml create mode 100644 ansible/windows-snmp-example/inventory/host_vars/win-test.example.com.yaml create mode 100644 ansible/windows-snmp-example/inventory/inventory.yaml create mode 100644 ansible/windows-snmp-example/playbooks/deploy_win-test.yaml create mode 100644 ansible/windows-snmp-example/roles/windows/snmp/main.yaml create mode 100644 ansible/windows-snmp-example/roles/windows/snmp/task_01_install_snmp.yaml create mode 100644 ansible/windows-snmp-example/roles/windows/snmp/task_02_config_sysinfo.yaml create mode 100644 ansible/windows-snmp-example/roles/windows/snmp/task_03_config_firewall.yaml
diff --git a/ansible/debian-graylog-example/README.md b/ansible/debian-graylog-example/README.md
new file mode 100644
index 0000000..870d75c
--- /dev/null
+++ b/ansible/debian-graylog-example/README.md
@@ -0,0 +1,9 @@
+# debian-graylog-example
+
+## English
+
+🇺🇸 [Ansible Role to onboard Debian Linux in Graylog Open](https://www.thierolf.org/posts/ansible-role-to-onboard-debian-linux-in-graylog-open/)
+
+## Deutsch
+
+🇩🇪 [Ansible Role für das Onboarding von Debian Linux in Graylog Open](https://www.thierolf.org/posts/ansible-role-fuer-das-onboarding-von-debian-linux-in-graylog-open/)
diff --git a/ansible/debian-graylog-example/inventory/group_vars/debian_linux.yaml b/ansible/debian-graylog-example/inventory/group_vars/debian_linux.yaml
new file mode 100644
index 0000000..f70ed37
--- /dev/null
+++ b/ansible/debian-graylog-example/inventory/group_vars/debian_linux.yaml
@@ -0,0 +1,8 @@
+---
+# Group_vars for Debian Linux
+# ===========================
+ansible_ssh_common_args: "-o StrictHostKeyChecking=no"
+ansible_user: "[ANSIBLE_USERNAME]"
+ansible_password: "[ANSIBLE_PASSWORD]"
+ansible_become_password: "[ANSIBLE_PASSWORD]"
+ansible_become: true
diff --git a/ansible/debian-graylog-example/inventory/host_vars/debian-test.example.com.yaml b/ansible/debian-graylog-example/inventory/host_vars/debian-test.example.com.yaml
new file mode 100644
index 0000000..ff7337e
--- /dev/null
+++ b/ansible/debian-graylog-example/inventory/host_vars/debian-test.example.com.yaml
@@ -0,0 +1,11 @@
+---
+# Ansible-specific
+# ================
+ansible_host: n.n.n.n
+hostname: debian-test
+domainname: example.com
+fqdn: "{{ hostname }}.{{ domainname }}"
+
+# Graylog-Node-ID
+# ===============
+graylog_node_id: nnnnnnnn-nnnn-nnnn-nnnn-nnnnnnnnnnnn
\ No newline at end of file
diff --git a/ansible/debian-graylog-example/inventory/inventory.yaml b/ansible/debian-graylog-example/inventory/inventory.yaml
new file mode 100644
index 0000000..7ab0aa6
--- /dev/null
+++ b/ansible/debian-graylog-example/inventory/inventory.yaml
@@ -0,0 +1,9 @@
+---
+#
+# Inventory
+#
+all:
+ children:
+ debian_linux:
+ hosts:
+ debian-test.example.com:
diff --git a/ansible/debian-graylog-example/playbooks/deploy_debian_test,yaml b/ansible/debian-graylog-example/playbooks/deploy_debian_test,yaml
new file mode 100644
index 0000000..b2f6d73
--- /dev/null
+++ b/ansible/debian-graylog-example/playbooks/deploy_debian_test,yaml
@@ -0,0 +1,7 @@
+---
+# Playbook
+# ========
+- hosts: debian_linux
+ gather_facts: true
+ roles:
+ - server/debian/graylog
diff --git a/ansible/debian-graylog-example/roles/files/graylog-sidecar-repository_1-5_all.deb b/ansible/debian-graylog-example/roles/files/graylog-sidecar-repository_1-5_all.deb
new file mode 100644
index 0000000..393081f
--- /dev/null
+++ b/ansible/debian-graylog-example/roles/files/graylog-sidecar-repository_1-5_all.deb
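Review bot: In `group_vars/debian_linux.yaml`, `ansible_ssh_common_args: "-o StrictHostKeyChecking=no"` turns off SSH host-key verification for every host in the group, and the same file supplies `ansible_password` and `ansible_become_password` for that connection, so whatever answers on the inventory address is never authenticated before it receives the credentials. I would drop the line and pre-populate `known_hosts`, or at most use `"-o StrictHostKeyChecking=accept-new"` for first contact. The two password values should come from Ansible Vault or a lookup rather than a plain group_vars file, with a comment next to the placeholders saying so. The same `StrictHostKeyChecking=no` line appears in both `microsoft_windows.yaml` group_vars files in this patch.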
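Review bot: The playbook's role reference `server/debian/graylog` does not match where this patch places the role files: the diffstat lists them directly under `roles/` (`roles/tasks/main.yaml`, `roles/handlers/main.yaml`), so the play will probably not resolve the role unless a roles path configured outside this patch maps it. The file is also created as `deploy_debian_test,yaml`, with a comma where the other playbooks have a dot. The Windows playbooks reference `server/windows/...` while their files sit under `roles/windows/...`, which looks like the same mismatch.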
@@ -0,0 +1,2 @@
+!! DUMMY FILE !!
+See: https://github.com/Graylog2/collector-sidecar/releases
diff --git a/ansible/debian-graylog-example/roles/handlers/main.yaml b/ansible/debian-graylog-example/roles/handlers/main.yaml
new file mode 100644
index 0000000..198a943
--- /dev/null
+++ b/ansible/debian-graylog-example/roles/handlers/main.yaml
@@ -0,0 +1,7 @@
+# Handlers
+# ========
+- name: "Restart: graylog-sidecar"
+ ansible.builtin.systemd_service:
+ name: graylog-sidecar
+ enabled: true
+ state: restarted
\ No newline at end of file
diff --git a/ansible/debian-graylog-example/roles/tasks/main.yaml b/ansible/debian-graylog-example/roles/tasks/main.yaml
new file mode 100644
index 0000000..1c09bbc
--- /dev/null
+++ b/ansible/debian-graylog-example/roles/tasks/main.yaml
@@ -0,0 +1,10 @@
+---
+# Tasks
+# =====
+- name: "Block"
+ ansible.builtin.include_tasks: "{{ tasks }}"
+ loop:
+ - task_01_install_graylog.yaml
+ - task_02_configure_graylog.yaml
+ loop_control:
+ loop_var: tasks
\ No newline at end of file
diff --git a/ansible/debian-graylog-example/roles/tasks/task_01_install_graylog.yaml b/ansible/debian-graylog-example/roles/tasks/task_01_install_graylog.yaml
new file mode 100644
index 0000000..9814cd8
--- /dev/null
+++ b/ansible/debian-graylog-example/roles/tasks/task_01_install_graylog.yaml
@@ -0,0 +1,41 @@
+---
+# task_01_install_graylog
+# =======================
+- name: "Block"
+ notify: "Restart: graylog-sidecar"
+ when: ansible_os_family == "Debian"
+ block:
+
+ - name: "Assert vars: graylog-sidecar"
+ ansible.builtin.assert:
+ that:
+ - graylog_server_url is defined
+ - graylog_server_api_token is defined
+ - graylog_update_interval is defined
+ - graylog_tls_skip_verify is defined
+ - graylog_node_id is defined
+ - graylog_log_rotate_max_file_size is defined
+ - graylog_log_rotate_keep_files is defined
+ - graylog_collector_validation_timeout is defined
+
+ - name: "Create /tmp directory"
+ ansible.builtin.file:
+ path: /tmp
+ state: directory
+
+ - name: "Copy: graylog-sidecar-repository_1-5_all.deb"
+ ansible.builtin.copy:
+ src: graylog-sidecar-repository_1-5_all.deb
+ dest: /tmp/graylog-sidecar-repository_1-5_all.deb
+
+ - name: "Make package available: graylog-sidecar"
+ ansible.builtin.apt:
+ deb: /tmp/graylog-sidecar-repository_1-5_all.deb
+
+ - name: "Apt Update"
+ ansible.builtin.apt:
+ update_cache: yes
+
+ - name: "Install: graylog-sidecar"
+ ansible.builtin.apt:
+ name: graylog-sidecar
\ No newline at end of file
diff --git a/ansible/debian-graylog-example/roles/tasks/task_02_configure_graylog.yaml b/ansible/debian-graylog-example/roles/tasks/task_02_configure_graylog.yaml
new file mode 100644
index 0000000..690fce1
--- /dev/null
+++ b/ansible/debian-graylog-example/roles/tasks/task_02_configure_graylog.yaml
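Review bot: The repository package is installed as root from a fixed file name in `/tmp`, with no integrity check between the `Copy:` task and the `apt: deb:` task. `/tmp` is world-writable, and the file shipped in `roles/files/` is a placeholder that each operator replaces with their own download, so nothing pins which package ends up installed. I would stage it in a root-only directory and compare its SHA-256 with a value kept in the role vars before installing, as sketched below; the `Create /tmp directory` task can then be removed. Separately, `update_cache: yes` should be `update_cache: true` to match the booleans used in the rest of the role.

```yaml
    # … unchanged: "Assert vars: graylog-sidecar" …

    - name: "Create staging directory (root only)"
      ansible.builtin.file:
        # graylog_stage_dir: new role variable, name constructed for this note
        path: "{{ graylog_stage_dir }}"
        state: directory
        owner: root
        group: root
        mode: "0700"

    - name: "Copy: graylog-sidecar-repository_1-5_all.deb"
      ansible.builtin.copy:
        src: graylog-sidecar-repository_1-5_all.deb
        dest: "{{ graylog_stage_dir }}/graylog-sidecar-repository_1-5_all.deb"

    - name: "Stat: graylog-sidecar-repository_1-5_all.deb"
      ansible.builtin.stat:
        path: "{{ graylog_stage_dir }}/graylog-sidecar-repository_1-5_all.deb"
        checksum_algorithm: sha256
      register: graylog_repo_deb

    - name: "Verify checksum: graylog-sidecar-repository_1-5_all.deb"
      ansible.builtin.assert:
        that:
          # graylog_repo_deb_sha256: expected digest, new role variable
          # (name constructed for this note)
          - graylog_repo_deb.stat.checksum == graylog_repo_deb_sha256

    - name: "Make package available: graylog-sidecar"
      ansible.builtin.apt:
        deb: "{{ graylog_stage_dir }}/graylog-sidecar-repository_1-5_all.deb"

    # … unchanged: "Apt Update", "Install: graylog-sidecar" …
```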
@@ -0,0 +1,31 @@
+---
+# task_02_configure_graylog
+# =========================
+- name: "Block"
+ notify: "Restart: graylog-sidecar"
+ when: ansible_os_family == "Debian"
+ block:
+
+ - name: "Assert vars: graylog-sidecar"
+ ansible.builtin.assert:
+ that:
+ - graylog_server_url is defined
+ - graylog_server_api_token is defined
+ - graylog_update_interval is defined
+ - graylog_tls_skip_verify is defined
+ - graylog_node_id is defined
+ - graylog_log_rotate_max_file_size is defined
+ - graylog_log_rotate_keep_files is defined
+ - graylog_collector_validation_timeout is defined
+
+ - name: "Deploy config: sidecar.yaml.j2"
+ ansible.builtin.template:
+ src: sidecar.yaml.j2
+ dest: /etc/graylog/sidecar/sidecar.yml
+ backup: true
+
+ - name: "Deploy config: node-id.j2"
+ ansible.builtin.template:
+ src: node-id.j2
+ dest: /etc/graylog/sidecar/node-id
+ backup: false
\ No newline at end of file
diff --git a/ansible/debian-graylog-example/roles/templates/node-id.j2 b/ansible/debian-graylog-example/roles/templates/node-id.j2
new file mode 100644
index 0000000..4f59b20
--- /dev/null
+++ b/ansible/debian-graylog-example/roles/templates/node-id.j2
@@ -0,0 +1 @@
+{{ graylog_node_id }}
\ No newline at end of file
diff --git a/ansible/debian-graylog-example/roles/templates/sidecar.yaml.j2 b/ansible/debian-graylog-example/roles/templates/sidecar.yaml.j2
new file mode 100644
index 0000000..b610fe2
--- /dev/null
+++ b/ansible/debian-graylog-example/roles/templates/sidecar.yaml.j2
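Review bot: The `Deploy config: sidecar.yaml.j2` task in `task_02_configure_graylog.yaml` sets no `owner`, `group` or `mode`, and the rendered file carries `server_api_token`, so its permissions are whatever the package or the remote umask left and may let every local account read the token. I would add `owner: root`, `group: root` and `mode: "0600"` to that task, assuming the sidecar service runs as root; adjust the owner if it does not. `backup: true` on the same task leaves timestamped copies holding older tokens next to the file, which deserves a comment or a cleanup step. The assert list repeats the one in `task_01_install_graylog.yaml` line for line and could live in one place.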
@@ -0,0 +1,29 @@
+#
+# !! This configuration file is managed by Ansible !!
+# !! DO NOT change local file. Change Ansible role !!
+#
+server_url: "{{ graylog_server_url }}"
+server_api_token: "{{ graylog_server_api_token }}"
+
+node_id: "file:/etc/graylog/sidecar/node-id"
+
+update_interval: {{ graylog_update_interval }}
+tls_skip_verify: {{ graylog_tls_skip_verify }}
+send_status: true
+
+cache_path: "/var/cache/graylog-sidecar"
+log_path: "/var/log/graylog-sidecar"
+log_rotate_max_file_size: {{ graylog_log_rotate_max_file_size }}
+log_rotate_keep_files: {{ graylog_log_rotate_keep_files }}
+collector_validation_timeout: {{ graylog_collector_validation_timeout }}
+collector_shutdown_timeout: "10s"
+collector_configuration_directory: "/var/lib/graylog-sidecar/generated"
+
+#list_log_files: []
+
+tags:
+ - default
+
+collector_binaries_accesslist:
+ - "/usr/lib/graylog-sidecar/filebeat"
+ - "/usr/lib/graylog-sidecar/auditbeat"
\ No newline at end of file
diff --git a/ansible/debian-graylog-example/roles/vars/main.yaml b/ansible/debian-graylog-example/roles/vars/main.yaml
new file mode 100644
index 0000000..ce0f8f8
--- /dev/null
+++ b/ansible/debian-graylog-example/roles/vars/main.yaml
@@ -0,0 +1,11 @@
+---
+# Vars
+# ====
+graylog_server_url: "https://___URL_OF_GRAYLOG_SERVER___/api"
+graylog_server_api_token: "___GRAYLOG_API_TOKEN___"
+graylog_update_interval: 10
+graylog_tls_skip_verify: true
+graylog_send_status: true
+graylog_log_rotate_max_file_size: "10MiB"
+graylog_log_rotate_keep_files: 10
+graylog_collector_validation_timeout: "1m"
\ No newline at end of file
diff --git a/ansible/windows-graylog-example/README.md b/ansible/windows-graylog-example/README.md
new file mode 100644
index 0000000..86d38c4
--- /dev/null
+++ b/ansible/windows-graylog-example/README.md
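Review bot: In `roles/vars/main.yaml`, `graylog_tls_skip_verify: true` switches certificate verification off by default for every host that uses the role, so the sidecar presents `server_api_token` to whatever endpoint answers at `graylog_server_url`. The default should be `graylog_tls_skip_verify: false`, with any opt-out left to host_vars and a comment stating when it is acceptable. The token placeholder sits in a plain vars file; a comment pointing to Ansible Vault would keep the real value from being committed. `graylog_send_status` is defined here, but the Debian template hard-codes `send_status: true`, so the variable has no effect there. The Windows role's `vars/main.yaml` carries the same defaults.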
@@ -0,0 +1,9 @@
+# windows-graylog-example
+
+## English
+
+🇺🇸 [Ansible Role to onboard Windows Servers in Graylog Open](https://www.thierolf.org/posts/ansible-role-to-onboard-windows-server-in-graylog-open/)
+
+## Deutsch
+
+🇩🇪 [Ansible Role für das Onboarding von Windows Server in Graylog Open](https://www.thierolf.org/posts/ansible-role-fuer-das-onboarding-von-windows-server-in-graylog-open/)
diff --git a/ansible/windows-graylog-example/inventory/group_vars/microsoft_windows.yaml b/ansible/windows-graylog-example/inventory/group_vars/microsoft_windows.yaml
new file mode 100644
index 0000000..213b94c
--- /dev/null
+++ b/ansible/windows-graylog-example/inventory/group_vars/microsoft_windows.yaml
@@ -0,0 +1,10 @@
+---
+#
+# group_vars for Microsoft Windows
+#
+ansible_ssh_common_args: "-o StrictHostKeyChecking=no"
+ansible_user: "[ANSIBLE_USERNAME]"
+ansible_password: "[ANSIBLE_PASSWORD]"
+ansible_become_password: "{{ ansible_password }}"
+ansible_connection: ssh
+ansible_shell_type: powershell
diff --git a/ansible/windows-graylog-example/inventory/host_vars/win-test.example.com.yaml b/ansible/windows-graylog-example/inventory/host_vars/win-test.example.com.yaml
new file mode 100644
index 0000000..6b1261b
--- /dev/null
+++ b/ansible/windows-graylog-example/inventory/host_vars/win-test.example.com.yaml
@@ -0,0 +1,11 @@
+---
+# Ansible-specific
+# ================
+ansible_host: n.n.n.n
+hostname: win-test
+domainname: example.com
+fqdn: "{{ hostname }}.{{ domainname }}"
+
+# Graylog-Node-ID
+# ===============
+graylog_node_id: nnnnnnnn-nnnn-nnnn-nnnn-nnnnnnnnnnnn
\ No newline at end of file
diff --git a/ansible/windows-graylog-example/inventory/inventory.yaml b/ansible/windows-graylog-example/inventory/inventory.yaml
new file mode 100644
index 0000000..8b11dd2
--- /dev/null
+++ b/ansible/windows-graylog-example/inventory/inventory.yaml
@@ -0,0 +1,9 @@
+---
+#
+# Inventory
+#
+all:
+ children:
+ microsoft_windows:
+ hosts:
+ win-test.example.com:
diff --git a/ansible/windows-graylog-example/playbooks/deploy_win-test.yaml b/ansible/windows-graylog-example/playbooks/deploy_win-test.yaml
new file mode 100644
index 0000000..2cebbd3
--- /dev/null
+++ b/ansible/windows-graylog-example/playbooks/deploy_win-test.yaml
@@ -0,0 +1,7 @@
+---
+# Playbook
+# ========
+- hosts: microsoft_windows
+ gather_facts: true
+ roles:
+ - server/windows/graylog
\ No newline at end of file
diff --git a/ansible/windows-graylog-example/roles/windows/graylog/files/graylog_sidecar_installer_1.5.0-1.exe b/ansible/windows-graylog-example/roles/windows/graylog/files/graylog_sidecar_installer_1.5.0-1.exe
new file mode 100644
index 0000000..393081f
--- /dev/null
+++ b/ansible/windows-graylog-example/roles/windows/graylog/files/graylog_sidecar_installer_1.5.0-1.exe
@@ -0,0 +1,2 @@
+!! DUMMY FILE !!
+See: https://github.com/Graylog2/collector-sidecar/releases
diff --git a/ansible/windows-graylog-example/roles/windows/graylog/handlers/main.yaml b/ansible/windows-graylog-example/roles/windows/graylog/handlers/main.yaml
new file mode 100644
index 0000000..eaac26a
--- /dev/null
+++ b/ansible/windows-graylog-example/roles/windows/graylog/handlers/main.yaml
@@ -0,0 +1,7 @@
+---
+# Handlers
+# ========
+- name: "Restart: graylog-sidecar"
+ ansible.windows.win_service:
+ name: graylog-sidecar
+ state: restarted
\ No newline at end of file
diff --git a/ansible/windows-graylog-example/roles/windows/graylog/tasks/main.yaml b/ansible/windows-graylog-example/roles/windows/graylog/tasks/main.yaml
new file mode 100644
index 0000000..1c09bbc
--- /dev/null
+++ b/ansible/windows-graylog-example/roles/windows/graylog/tasks/main.yaml
@@ -0,0 +1,10 @@
+---
+# Tasks
+# =====
+- name: "Block"
+ ansible.builtin.include_tasks: "{{ tasks }}"
+ loop:
+ - task_01_install_graylog.yaml
+ - task_02_configure_graylog.yaml
+ loop_control:
+ loop_var: tasks
\ No newline at end of file
diff --git a/ansible/windows-graylog-example/roles/windows/graylog/tasks/task_01_install_graylog.yaml b/ansible/windows-graylog-example/roles/windows/graylog/tasks/task_01_install_graylog.yaml
new file mode 100644
index 0000000..157835b
--- /dev/null
+++ b/ansible/windows-graylog-example/roles/windows/graylog/tasks/task_01_install_graylog.yaml
@@ -0,0 +1,31 @@
+---
+# Tasks
+# =====
+- name: "Block"
+ notify: "Restart: graylog-sidecar"
+ when: ansible_os_family == "Windows"
+ block:
+
+ - name: "Assert vars: graylog-sidecar"
+ ansible.builtin.assert:
+ that:
+ - graylog_server_url is defined
+ - graylog_server_api_token is defined
+
+ - name: "Create: TEMP directory"
+ ansible.windows.win_file:
+ path: C:\Temp
+ state: directory
+
+ - name: "Copy: graylog_sidecar_installer_1.5.0-1.exe"
+ ansible.builtin.copy:
+ src: graylog_sidecar_installer_1.5.0-1.exe
+ dest: C:\temp\graylog_sidecar_installer_1.5.0-1.exe
+
+ - name: "Install: graylog-sidecar"
+ ansible.windows.win_package:
+ path: C:\temp\graylog_sidecar_installer_1.5.0-1.exe
+ creates_path: C:\Program Files\Graylog\sidecar
+ arguments:
+ - "/S -SERVERURL={{ graylog_server_url }} -APITOKEN={{ graylog_server_api_token }}"
+ state: present
\ No newline at end of file
diff --git a/ansible/windows-graylog-example/roles/windows/graylog/tasks/task_02_configure_graylog.yaml b/ansible/windows-graylog-example/roles/windows/graylog/tasks/task_02_configure_graylog.yaml
new file mode 100644
index 0000000..858b033
--- /dev/null
+++ b/ansible/windows-graylog-example/roles/windows/graylog/tasks/task_02_configure_graylog.yaml
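Review bot: The `Install: graylog-sidecar` task passes `graylog_server_api_token` inside the installer's `arguments` string, so the token shows up in Ansible's task output and logs on the controller and in the installer's command line on the target; adding `no_log: true` to that task keeps it out of the Ansible side. The installer is also staged in `C:\Temp`, which by default inherits write access for non-administrative users from the drive root (worth confirming on the target image), and is then run by the installing account with no integrity check. A staging directory writable only by Administrators, plus a hash comparison before `win_package`, would close that gap. The documentation for `ansible.builtin.copy` directs Windows targets to `ansible.windows.win_copy`. `task_01_install_nsclientplusplus.yaml` stages its MSI in `C:\temp` the same way.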
@@ -0,0 +1,33 @@
+---
+# Tasks
+# =====
+- name: "Block"
+ notify: "Restart: graylog-sidecar"
+ when: ansible_os_family == "Windows"
+ block:
+
+ - name: "Assert vars: graylog-sidecar"
+ ansible.builtin.assert:
+ that:
+ - graylog_server_url is defined
+ - graylog_server_api_token is defined
+ - graylog_update_interval is defined
+ - graylog_tls_skip_verify is defined
+ - graylog_node_id is defined
+ - graylog_tls_skip_verify is defined
+ - graylog_send_status is defined
+ - graylog_log_rotate_max_file_size is defined
+ - graylog_log_rotate_keep_files is defined
+ - graylog_collector_validation_timeout is defined
+
+ - name: "Deploy config: sidecar.yaml.j2"
+ ansible.builtin.template:
+ src: sidecar.yaml.j2
+ dest: C:\Program Files\Graylog\sidecar\sidecar.yml
+ backup: true
+
+ - name: "Deploy config: node-id.j2"
+ ansible.builtin.template:
+ src: node-id.j2
+ dest: C:\Program Files\Graylog\sidecar\node-id
+ backup: false
\ No newline at end of file
diff --git a/ansible/windows-graylog-example/roles/windows/graylog/templates/node-id.j2 b/ansible/windows-graylog-example/roles/windows/graylog/templates/node-id.j2
new file mode 100644
index 0000000..2f50532
--- /dev/null
+++ b/ansible/windows-graylog-example/roles/windows/graylog/templates/node-id.j2
@@ -0,0 +1 @@
+{{ graylog_node_id }}
diff --git a/ansible/windows-graylog-example/roles/windows/graylog/templates/sidecar.yaml.j2 b/ansible/windows-graylog-example/roles/windows/graylog/templates/sidecar.yaml.j2
new file mode 100644
index 0000000..c325a13
--- /dev/null
+++ b/ansible/windows-graylog-example/roles/windows/graylog/templates/sidecar.yaml.j2
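Review bot: Both deploy tasks in the Windows `task_02_configure_graylog.yaml` use `ansible.builtin.template` against a Windows target, where the module documentation points to `ansible.windows.win_template`; I would switch both so path handling and line endings follow the Windows module. The rendered `sidecar.yml` holds `server_api_token` and lands under `C:\Program Files`, where local users normally have read access, so a comment on the file's ACL, or a follow-up task that restricts it, is worth adding (the effective ACL is not visible from this hunk). `backup: true` keeps older copies, and with them older tokens, beside it. The assert also lists `graylog_tls_skip_verify is defined` twice.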
@@ -0,0 +1,26 @@
+#
+# !! This configuration file is managed by Ansible !!
+# !! DO NOT change local file. Change Ansible role !!
+#
+server_url: "{{ graylog_server_url }}"
+server_api_token: "{{ graylog_server_api_token }}"
+
+node_id: "file:C:\\Program Files\\Graylog\\sidecar\\node-id"
+node_name: ""
+
+update_interval: {{ graylog_update_interval }}
+tls_skip_verify: "{{ graylog_tls_skip_verify }}"
+send_status: "{{ graylog_send_status }}"
+
+cache_path: "C:\\Program Files\\Graylog\\sidecar\\cache"
+log_path: "C:\\Program Files\\Graylog\\sidecar\\logs"
+log_rotate_max_file_size: "{{ graylog_log_rotate_max_file_size }}"
+log_rotate_keep_files: {{ graylog_log_rotate_keep_files }}
+collector_validation_timeout: "{{ graylog_collector_validation_timeout }}"
+collector_configuration_directory: "C:\\Program Files\\Graylog\\sidecar\\generated"
+windows_drive_range: "CDEFGHIJKLMNOPQRSTUVWXYZ"
+
+tags: [ default ]
+
+collector_binaries_accesslist:
+ - "C:\\Program Files\\Graylog\\sidecar\\winlogbeat.exe"
\ No newline at end of file
diff --git a/ansible/windows-graylog-example/roles/windows/graylog/vars/main.yaml b/ansible/windows-graylog-example/roles/windows/graylog/vars/main.yaml
new file mode 100644
index 0000000..5d63739
--- /dev/null
+++ b/ansible/windows-graylog-example/roles/windows/graylog/vars/main.yaml
@@ -0,0 +1,11 @@
+---
+# Vars
+# ====
+graylog_server_url: "https://___URL_OF_GRAYLOG_SERVER___/api"
+graylog_server_api_token: "___GRAYLOG_API_TOKEN___"
+graylog_update_interval: 10
+graylog_tls_skip_verify: true
+graylog_send_status: true
+graylog_log_rotate_max_file_size: "10MiB"
+graylog_log_rotate_keep_files: 10
+graylog_collector_validation_timeout: "1m"
diff --git a/ansible/windows-nsclientplusplus-example/README.md b/ansible/windows-nsclientplusplus-example/README.md
new file mode 100644
index 0000000..92763d5
--- /dev/null
+++ b/ansible/windows-nsclientplusplus-example/README.md
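Review bot: In the Windows `sidecar.yaml.j2`, `tls_skip_verify: "{{ graylog_tls_skip_verify }}"` and `send_status: "{{ graylog_send_status }}"` render as quoted strings such as `"True"`, whereas the Debian template in this patch emits `tls_skip_verify` unquoted. Whether the sidecar accepts a string for a boolean field cannot be seen from here; if it rejects or misreads it, a security setting ends up different from what the vars say. I would write `tls_skip_verify: {{ graylog_tls_skip_verify | bool | lower }}` and the same for `send_status`, so the file always holds a bare `true` or `false`.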
@@ -0,0 +1,9 @@
+# windows-nsclientplusplus-example
+
+## English
+
+🇺🇸 [Deploy NSCLient++ on Windows Servers with an Ansible Role](https://www.thierolf.org/posts/deploy-nsclient-on-windows-servers-with-an-ansible-role/)
+
+## Deutsch
+
+🇩🇪 [Installation von NSClient++ auf Windows Server mit einer Ansible Role](https://www.thierolf.org/posts/installation-von-nsclient-auf-windows-server-mit-einer-ansible-rolle/)
diff --git a/ansible/windows-nsclientplusplus-example/inventory/group_vars/microsoft_windows.yaml b/ansible/windows-nsclientplusplus-example/inventory/group_vars/microsoft_windows.yaml
new file mode 100644
index 0000000..c32d00d
--- /dev/null
+++ b/ansible/windows-nsclientplusplus-example/inventory/group_vars/microsoft_windows.yaml
@@ -0,0 +1,9 @@
+---
+#
+# group_vars for Microsoft Windows
+ansible_ssh_common_args: "-o StrictHostKeyChecking=no"
+ansible_user: "[ANSIBLE_USERNAME]"
+ansible_password: "[ANSIBLE_PASSWORD]"
+ansible_become_password: "{{ ansible_password }}"
+ansible_connection: ssh
+ansible_shell_type: powershell
diff --git a/ansible/windows-nsclientplusplus-example/inventory/host_vars/win-test.example.com.yaml b/ansible/windows-nsclientplusplus-example/inventory/host_vars/win-test.example.com.yaml
new file mode 100644
index 0000000..c537203
--- /dev/null
+++ b/ansible/windows-nsclientplusplus-example/inventory/host_vars/win-test.example.com.yaml
@@ -0,0 +1,30 @@
+---
+# Ansible-specific
+# ================
+ansible_host: n.n.n.n
+hostname: win-server1
+domainname: example.com
+fqdn: "{{ hostname }}.{{ domainname }}"
+
+# NSClient++
+# ==========
+nscp_module_nrpe_server: enabled
+nscp_module_nrpe_simple_cache: enabled
+nscp_module_nrpe_command_client: disabled
+nscp_module_nrpe_check_disk: enabled
+nscp_module_nrpe_check_eventglog: enabled
+nscp_module_nrpe_check_externalscripts: enabled
+nscp_module_nrpe_check_helpers: enabled
+nscp_module_nrpe_check_logfile: enabled
+nscp_module_nrpe_check_nscp: enabled
+nscp_module_nrpe_check_system: enabled
+nscp_module_nrpe_check_tasksched: enabled
+nscp_module_nrpe_check_wmi: enabled
+nscp_module_nrpe_check_net: disabled
+
+# NRPE Win-PDH
+# ============
+nrpe_win_pdh_total_disk_reads: true
+nrpe_win_pdh_total_disk_writes: true
+nrpe_win_pdh_thread_context_switches: true
+nrpe_win_pdh_memory_page_faults: true
diff --git a/ansible/windows-nsclientplusplus-example/inventory/inventory.yaml b/ansible/windows-nsclientplusplus-example/inventory/inventory.yaml
new file mode 100644
index 0000000..b6b18f0
--- /dev/null
+++ b/ansible/windows-nsclientplusplus-example/inventory/inventory.yaml
@@ -0,0 +1,8 @@
+---
+#
+# Inventory
+all:
+ children:
+ microsoft_windows:
+ hosts:
+ win-test.example.com:
diff --git a/ansible/windows-nsclientplusplus-example/playbooks/deploy_win-test.yaml b/ansible/windows-nsclientplusplus-example/playbooks/deploy_win-test.yaml
new file mode 100644
index 0000000..c58cfbe
--- /dev/null
+++ b/ansible/windows-nsclientplusplus-example/playbooks/deploy_win-test.yaml
@@ -0,0 +1,7 @@
+---
+# Playbook
+# ========
+- hosts: microsoft_windows
+ gather_facts: true
+ roles:
+ - server/windows/nsclientplusplus
diff --git a/ansible/windows-nsclientplusplus-example/roles/windows/nsclientplusplus/files/NSCP-0.5.3.4-x64.msi b/ansible/windows-nsclientplusplus-example/roles/windows/nsclientplusplus/files/NSCP-0.5.3.4-x64.msi
new file mode 100644
index 0000000..a18e233
--- /dev/null
+++ b/ansible/windows-nsclientplusplus-example/roles/windows/nsclientplusplus/files/NSCP-0.5.3.4-x64.msi
@@ -0,0 +1,2 @@
+!! DUMMY FILE !!
+See: https://github.com/mickem/nscp/releases/tag/0.5.3.4
diff --git a/ansible/windows-nsclientplusplus-example/roles/windows/nsclientplusplus/handlers/main.yaml b/ansible/windows-nsclientplusplus-example/roles/windows/nsclientplusplus/handlers/main.yaml
new file mode 100644
index 0000000..92da21c
--- /dev/null
+++ b/ansible/windows-nsclientplusplus-example/roles/windows/nsclientplusplus/handlers/main.yaml
@@ -0,0 +1,7 @@
+---
+# Handlers
+# ========
+- name: "Restart: nscp"
+ ansible.windows.win_service:
+ name: nscp
+ state: restarted
diff --git a/ansible/windows-nsclientplusplus-example/roles/windows/nsclientplusplus/tasks/main.yaml b/ansible/windows-nsclientplusplus-example/roles/windows/nsclientplusplus/tasks/main.yaml
new file mode 100644
index 0000000..1fa8ef2
--- /dev/null
+++ b/ansible/windows-nsclientplusplus-example/roles/windows/nsclientplusplus/tasks/main.yaml
@@ -0,0 +1,10 @@
+---
+# Tasks
+# =====
+- name: "Block"
+ ansible.builtin.include_tasks: "{{ tasks }}"
+ loop:
+ - task_01_install_nsclientplusplus.yaml
+ - task_02_configure_nsclientplusplus.yaml
+ loop_control:
+ loop_var: tasks
diff --git a/ansible/windows-nsclientplusplus-example/roles/windows/nsclientplusplus/tasks/task_01_install_nsclientplusplus.yaml b/ansible/windows-nsclientplusplus-example/roles/windows/nsclientplusplus/tasks/task_01_install_nsclientplusplus.yaml
new file mode 100644
index 0000000..2839ba4
--- /dev/null
+++ b/ansible/windows-nsclientplusplus-example/roles/windows/nsclientplusplus/tasks/task_01_install_nsclientplusplus.yaml
@@ -0,0 +1,39 @@
+---
+# Tasks
+# =====
+- name: "Block"
+ notify: "Restart: nscp"
+ when: ansible_os_family == "Windows"
+ block:
+
+ - name: "Assert vars: nscp"
+ ansible.builtin.assert:
+ that:
+ - nscp_allowed_hosts is defined
+ - nscp_cache_allowed_hosts is defined
+ - nscp_timeout is defined
+ - nscp_nrpe_allow_arguments is defined
+ - nscp_nrpe_nasty_characters is defined
+ - nscp_nrpe_allowed_hosts is defined
+ - nscp_nrpe_use_ssl is defined
+ - nscp_nrpe_insecure is defined
+ - nscp_nrpe_port is defined
+ - nscp_nrpe_performance_data is defined
+
+ - name: "Create TEMP directory"
+ ansible.windows.win_file:
+ path: C:\Temp
+ state: directory
+
+ - name: "Copy: NSCP-0.5.3.4-x64.msi"
+ ansible.builtin.copy:
+ src: NSCP-0.5.3.4-x64.msi
+ dest: C:\temp\NSCP-0.5.3.4-x64.msi
+
+ - name: "Install: nscp"
+ ansible.windows.win_package:
+ path: C:\temp\NSCP-0.5.3.4-x64.msi
+ creates_path: C:\Program Files\NSClient++
+ arguments:
+ - "/quiet"
+ state: present
diff --git a/ansible/windows-nsclientplusplus-example/roles/windows/nsclientplusplus/tasks/task_02_configure_nsclientplusplus.yaml b/ansible/windows-nsclientplusplus-example/roles/windows/nsclientplusplus/tasks/task_02_configure_nsclientplusplus.yaml
new file mode 100644
index 0000000..0810372
--- /dev/null
+++ b/ansible/windows-nsclientplusplus-example/roles/windows/nsclientplusplus/tasks/task_02_configure_nsclientplusplus.yaml
@@ -0,0 +1,57 @@
+---
+# Tasks
+# =====
+- name: "Block"
+ notify: "Restart: nscp"
+ when: ansible_os_family == "Windows"
+ block:
+
+ - name: "Assert vars: nscp"
+ ansible.builtin.assert:
+ that:
+ - nscp_allowed_hosts is defined
+ - nscp_cache_allowed_hosts is defined
+ - nscp_timeout is defined
+ - nscp_nrpe_allow_arguments is defined
+ - nscp_nrpe_nasty_characters is defined
+ - nscp_nrpe_allowed_hosts is defined
+ - nscp_nrpe_use_ssl is defined
+ - nscp_nrpe_insecure is defined
+ - nscp_nrpe_port is defined
+ - nscp_nrpe_performance_data is defined
+ - nscp_module_nrpe_server is defined
+ - nscp_module_nrpe_simple_cache is defined
+ - nscp_module_nrpe_command_client is defined
+ - nscp_module_nrpe_check_disk is defined
+ - nscp_module_nrpe_check_eventglog is defined
+ - nscp_module_nrpe_check_externalscripts is defined
+ - nscp_module_nrpe_check_helpers is defined
+ - nscp_module_nrpe_check_logfile is defined
+ - nscp_module_nrpe_check_nscp is defined
+ - nscp_module_nrpe_check_system is defined
+ - nscp_module_nrpe_check_tasksched is defined
+ - nscp_module_nrpe_check_wmi is defined
+ - nscp_module_nrpe_check_net is defined
+ - nrpe_win_pdh_total_disk_reads is defined
+ - nrpe_win_pdh_total_disk_writes is defined
+ - nrpe_win_pdh_thread_context_switches is defined
+ - nrpe_win_pdh_memory_page_faults is defined
+
+ - name: "Deploy config: nsclient.ini.j2"
+ ansible.builtin.template:
+ src: nsclient.ini.j2
+ dest: C:\Program Files\NSClient++\nsclient.ini
+ backup: true
+
+ - name: "Set Win-Firewall to allow nscp"
+ community.windows.win_firewall_rule:
+ name: "[ansible-managed] Allow-TCP-NSClient++"
+ localport: {{ nscp_nrpe_port }}
+ action: allow
+ direction: in
+ protocol: tcp
+ profiles:
+ - domain
+ - private
+ enabled: yes
+ state: present
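Review bot: `localport: {{ nscp_nrpe_port }}` in the firewall task is an unquoted Jinja expression, which YAML parses as a flow mapping rather than a string, so this task file is likely to fail to load; it should read `localport: "{{ nscp_nrpe_port }}"`. The rule also sets no remote address, so the NRPE port is opened to every peer on the domain and private profiles and the agent's own `allowed hosts` setting is the only filter; adding `remoteip: "{{ nscp_nrpe_allowed_hosts }}"` would scope it to the monitoring system. The SNMP rule in `windows-snmp-example/roles/windows/snmp/task_03_config_firewall.yaml` has the same missing `remoteip`. In both rules `enabled: yes` is better written as `enabled: true`.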
diff --git a/ansible/windows-nsclientplusplus-example/roles/windows/nsclientplusplus/templates/nsclient.ini.j2 b/ansible/windows-nsclientplusplus-example/roles/windows/nsclientplusplus/templates/nsclient.ini.j2
new file mode 100644
index 0000000..7d1b662
--- /dev/null
+++ b/ansible/windows-nsclientplusplus-example/roles/windows/nsclientplusplus/templates/nsclient.ini.j2
@@ -0,0 +1,60 @@
+#
+# !! This configuration file is managed by Ansible !!
+# !! DO NOT change local file. Change Ansible role !!
+#
+[/settings/default]
+allowed hosts = {{ nscp_allowed_hosts }}
+cache allowed hosts = {{ nscp_cache_allowed_hosts }}
+timeout = {{ nscp_timeout }}
+
+[/settings/NRPE/server]
+allow arguments = {{ nscp_nrpe_allow_arguments }}
+allow nasty characters = {{ nscp_nrpe_nasty_characters }}
+allowed hosts = {{ nscp_nrpe_allowed_hosts }}
+use ssl = {{ nscp_nrpe_use_ssl }}
+insecure = {{ nscp_nrpe_insecure }}
+port = {{ nscp_nrpe_port }}
+performance data = {{ nscp_nrpe_performance_data }}
+
+[/modules]
+NRPEServer = {{ nscp_module_nrpe_server }}
+SimpleCache = {{ nscp_module_nrpe_simple_cache }}
+CommandClient = {{ nscp_module_nrpe_command_client }}
+CheckDisk = {{ nscp_module_nrpe_check_disk }}
+CheckEventLog = {{ nscp_module_nrpe_check_eventglog }}
+CheckExternalScripts = {{ nscp_module_nrpe_check_externalscripts }}
+CheckHelpers = {{ nscp_module_nrpe_check_helpers }}
+CheckLogFile = {{ nscp_module_nrpe_check_logfile }}
+CheckNSCP = {{ nscp_module_nrpe_check_nscp }}
+CheckSystem = {{ nscp_module_nrpe_check_system }}
+CheckTaskSched = {{ nscp_module_nrpe_check_tasksched }}
+CheckWMI = {{ nscp_module_nrpe_check_wmi }}
+CheckNet = {{ nscp_module_nrpe_check_net }}
+
+#
+# Standard Performance Counters
+#
+{% if nrpe_win_pdh_total_disk_reads == true %}
+[/settings/system/windows/counters/TotalDiskReads]
+collection strategy=rrd
+useEnglishOnly = 1
+counter=\PhysicalDisk(_Total)\Disk Reads/sec
+{% endif %}
+{% if nrpe_win_pdh_total_disk_writes == true %}
+[/settings/system/windows/counters/TotalDiskWrites]
+collection strategy=rrd
+useEnglishOnly = 1
+counter=\PhysicalDisk(_Total)\Disk Writes/sec
+{% endif %}
+{% if nrpe_win_pdh_thread_context_switches == true %}
+[/settings/system/windows/counters/ThreadContextSwitches]
+collection strategy=rrd
+useEnglishOnly = 1
+counter=\Thread(*)\Context Switches/sec
+{% endif %}
+{% if nrpe_win_pdh_memory_page_faults == true %}
+[/settings/system/windows/counters/MemoryPageFaults]
+collection strategy=rrd
+useEnglishOnly = 1
+counter=\Memory\Page Faults/sec
+{% endif %}
diff --git a/ansible/windows-nsclientplusplus-example/roles/windows/nsclientplusplus/vars/main.yaml b/ansible/windows-nsclientplusplus-example/roles/windows/nsclientplusplus/vars/main.yaml
new file mode 100644
index 0000000..7f3c3f1
--- /dev/null
+++ b/ansible/windows-nsclientplusplus-example/roles/windows/nsclientplusplus/vars/main.yaml
@@ -0,0 +1,14 @@
+---
+# Vars
+# ====
+nscp_allowed_hosts: "___IP_MONITORING_SYSTEM___"
+nscp_cache_allowed_hosts: true
+nscp_timeout: 90
+
+nscp_nrpe_allow_arguments: true
+nscp_nrpe_nasty_characters: true
+nscp_nrpe_allowed_hosts: "___IP_MONITORING_SYSTEM___"
+nscp_nrpe_use_ssl: false
+nscp_nrpe_insecure: true
+nscp_nrpe_port: 5666
+nscp_nrpe_performance_data: true
diff --git a/ansible/windows-snmp-example/README.md b/ansible/windows-snmp-example/README.md
new file mode 100644
index 0000000..c3335a2
--- /dev/null
+++ b/ansible/windows-snmp-example/README.md
@@ -0,0 +1,9 @@
+# windows-snmp-example
+
+## English
+
+🇺🇸 [OpenSSH Server on Windows and SNMP Service Installation with Ansible](https://www.thierolf.org/posts/openssh-server-on-windows-and-snmp-service-installation-with-ansible/)
+
+## Deutsch
+
+🇩🇪 [OpenSSH Server unter Windows und SNMP Service Installation mit Ansible](https://www.thierolf.org/posts/openssh-server-unter-windows-und-snmp-service-installation-mit-ansible/)
diff --git a/ansible/windows-snmp-example/inventory/group_vars/microsoft_windows.yaml b/ansible/windows-snmp-example/inventory/group_vars/microsoft_windows.yaml
new file mode 100644
index 0000000..213b94c
--- /dev/null
+++ b/ansible/windows-snmp-example/inventory/group_vars/microsoft_windows.yaml
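Review bot: The four `{% if … == true %}` guards around the performance-counter sections of nsclient.ini.j2 compare against a real boolean, so a value that arrives as a string (extra vars passed as `key=value`, or a quoted `"true"` in inventory) silently drops the section from the rendered file. Writing `{% if nrpe_win_pdh_total_disk_reads | bool %}`, and the same for the other three, handles both forms. The variable `nscp_module_nrpe_check_eventglog` looks like a typo for `eventlog`; it is spelled the same way in the assert list of task_02_configure_nsclientplusplus.yaml, so it resolves, but renaming both would avoid confusion.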
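Review bot: The NRPE values in vars/main.yaml are the most permissive combination: `nscp_nrpe_allow_arguments: true` together with `nscp_nrpe_nasty_characters: true` lets the remote side pass arguments containing shell metacharacters into check commands, and `nscp_nrpe_use_ssl: false` sends requests and results unencrypted. Safer values to ship would be `nscp_nrpe_allow_arguments: false` and `nscp_nrpe_nasty_characters: false`, with TLS enabled and `nscp_nrpe_insecure` turned off once the monitoring server supports it. Because these sit in `vars/main.yaml`, which takes precedence over inventory variables, a host cannot tighten them from `host_vars`; `defaults/main.yaml` is the usual place for values meant to be overridden.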
@@ -0,0 +1,10 @@
+---
+#
+# group_vars for Microsoft Windows
+#
+ansible_ssh_common_args: "-o StrictHostKeyChecking=no"
+ansible_user: "[ANSIBLE_USERNAME]"
+ansible_password: "[ANSIBLE_PASSWORD]"
+ansible_become_password: "{{ ansible_password }}"
+ansible_connection: ssh
+ansible_shell_type: powershell
diff --git a/ansible/windows-snmp-example/inventory/host_vars/win-test.example.com.yaml b/ansible/windows-snmp-example/inventory/host_vars/win-test.example.com.yaml
new file mode 100644
index 0000000..e175f54
--- /dev/null
+++ b/ansible/windows-snmp-example/inventory/host_vars/win-test.example.com.yaml
@@ -0,0 +1,8 @@
+---
+#
+# host_vars for Microsoft Windows
+#
+ansible_host: [IPV4_ADDRESS]
+hostname: win-test
+domainname: example.com
+fqdn: "{{ hostname }}.{{ domainname }}"
diff --git a/ansible/windows-snmp-example/inventory/inventory.yaml b/ansible/windows-snmp-example/inventory/inventory.yaml
new file mode 100644
index 0000000..8b11dd2
--- /dev/null
+++ b/ansible/windows-snmp-example/inventory/inventory.yaml
@@ -0,0 +1,9 @@
+---
+#
+# Inventory
+#
+all:
+ children:
+ microsoft_windows:
+ hosts:
+ win-test.example.com:
diff --git a/ansible/windows-snmp-example/playbooks/deploy_win-test.yaml b/ansible/windows-snmp-example/playbooks/deploy_win-test.yaml
new file mode 100644
index 0000000..62a4653
--- /dev/null
+++ b/ansible/windows-snmp-example/playbooks/deploy_win-test.yaml
@@ -0,0 +1,8 @@
+---
+#
+# Playbook
+#
+- hosts: win-test.example.com
+ gather_facts: true
+ roles:
+ - windows/snmp
diff --git a/ansible/windows-snmp-example/roles/windows/snmp/main.yaml b/ansible/windows-snmp-example/roles/windows/snmp/main.yaml
new file mode 100644
index 0000000..6c95668
--- /dev/null
+++ b/ansible/windows-snmp-example/roles/windows/snmp/main.yaml
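Review bot: `ansible_ssh_common_args: "-o StrictHostKeyChecking=no"` in group_vars/microsoft_windows.yaml turns off SSH host key verification for every host in the group, and because the connection authenticates with `ansible_password`, a machine impersonating the target would be handed that password. Drop the option and distribute the host keys through `known_hosts`, or at least use `-o StrictHostKeyChecking=accept-new`. The `ansible_password` placeholder also invites committing the real value in clear text; a comment above it such as `# store the real value with ansible-vault, never in plain text` would steer readers away from that.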
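Review bot: `ansible_host: [IPV4_ADDRESS]` in host_vars/win-test.example.com.yaml is unquoted, so YAML reads the brackets as a one-element list rather than a string. The other placeholders in these files are quoted, and this one should be `ansible_host: "[IPV4_ADDRESS]"`. The same applies to `- [IPV4_OF_MONITORING_SYSTEM]` under `permitted_managers` in `roles/windows/snmp/task_01_install_snmp.yaml`.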
@@ -0,0 +1,12 @@
+---
+#
+# Tasks
+#
+- name: "Block"
+ ansible.builtin.include_tasks: "{{ tasks }}"
+ loop:
+ - task_01_install_snmp.yaml
+ - task_02_config_sysinfo.yaml
+ - task_03_config_firewall.yaml
+ loop_control:
+ loop_var: tasks
diff --git a/ansible/windows-snmp-example/roles/windows/snmp/task_01_install_snmp.yaml b/ansible/windows-snmp-example/roles/windows/snmp/task_01_install_snmp.yaml
new file mode 100644
index 0000000..792c21d
--- /dev/null
+++ b/ansible/windows-snmp-example/roles/windows/snmp/task_01_install_snmp.yaml
@@ -0,0 +1,26 @@
+---
+#
+# task_01_install_snmp.yaml
+#
+- name: "Install SNMP-Service"
+ ansible.windows.win_feature:
+ name: SNMP-Service
+ state: present
+ include_sub_features: true
+ include_management_tools: true
+
+- name: "Install RSAT-SNMP"
+ ansible.windows.win_feature:
+ name: RSAT-SNMP
+ state: present
+ include_sub_features: true
+ include_management_tools: true
+
+- name: "Set Win-SNMP-Communities"
+ community.windows.win_snmp:
+ community_strings:
+ - "[SNMP_COMMUNITY]"
+ permitted_managers:
+ - localhost
+ - [IPV4_OF_MONITORING_SYSTEM]
+ action: set
\ No newline at end of file
diff --git a/ansible/windows-snmp-example/roles/windows/snmp/task_02_config_sysinfo.yaml b/ansible/windows-snmp-example/roles/windows/snmp/task_02_config_sysinfo.yaml
new file mode 100644
index 0000000..f224162
--- /dev/null
+++ b/ansible/windows-snmp-example/roles/windows/snmp/task_02_config_sysinfo.yaml
@@ -0,0 +1,13 @@
+---
+#
+# task_02_config_sysinfo.yaml
+#
+- name: "Set SNMP-sysContact"
+ ansible.windows.win_powershell:
+ script: |
+ Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\SNMP\Parameters\RFC1156Agent" -Name "sysContact" -Value "SNMP_TEST_CONTACT"
+
+- name: "Set SNMP-sysLocation"
+ ansible.windows.win_powershell:
+ script: |
+ Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\SNMP\Parameters\RFC1156Agent" -Name "sysLocation" -Value "SNMP_TEST_LOCATION"
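Review bot: The community string in the `Set Win-SNMP-Communities` task of task_01_install_snmp.yaml is written directly under `community_strings`, so the real value ends up in the role in clear text once the placeholder is filled in. An SNMP community acts as a shared password, so it is better referenced as a variable, e.g. `- "{{ snmp_community }}"` (a proposed name), with the value kept in an Ansible Vault file. `permitted_managers` would likewise be easier to maintain as a variable than as an inline placeholder.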
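Review bot: Both tasks in task_02_config_sysinfo.yaml write a registry value through `ansible.windows.win_powershell` with `Set-ItemProperty`, which reports a change on every run unless the script itself resets the changed flag, and the scripts shown do not. `ansible.windows.win_regedit` writes the same values idempotently and avoids running a script for a plain registry write. The rewritten tasks are below.

```yaml
- name: "Set SNMP-sysContact"
  ansible.windows.win_regedit:
    path: 'HKLM:\SYSTEM\CurrentControlSet\Services\SNMP\Parameters\RFC1156Agent'
    name: sysContact
    data: "SNMP_TEST_CONTACT"
    type: string

- name: "Set SNMP-sysLocation"
  ansible.windows.win_regedit:
    path: 'HKLM:\SYSTEM\CurrentControlSet\Services\SNMP\Parameters\RFC1156Agent'
    name: sysLocation
    data: "SNMP_TEST_LOCATION"
    type: string
```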
diff --git a/ansible/windows-snmp-example/roles/windows/snmp/task_03_config_firewall.yaml b/ansible/windows-snmp-example/roles/windows/snmp/task_03_config_firewall.yaml
new file mode 100644
index 0000000..ab8de7d
--- /dev/null
+++ b/ansible/windows-snmp-example/roles/windows/snmp/task_03_config_firewall.yaml
@@ -0,0 +1,16 @@
+---
+#
+# task_03_config_firewall.yaml
+#
+- name: "Set Win-Firewall to allow SNMP Queries"
+ community.windows.win_firewall_rule:
+ name: "Allow-UDP-SNMP [ansible-managed]"
+ localport: 161
+ action: allow
+ direction: in
+ protocol: udp
+ profiles:
+ - domain
+ - private
+ enabled: yes
+ state: present