diff --git a/sio2/CYBER/Ansible/syslog-cli.yml b/sio2/CYBER/Ansible/syslog-cli.yml
new file mode 100644
index 0000000..79730f1
--- /dev/null
+++ b/sio2/CYBER/Ansible/syslog-cli.yml
@@ -0,0 +1,45 @@
+---
+- name: syslog.yml
+  hosts: web
+  tasks:
+  - name:  1. installer rsyslog
+    apt:
+      name: rsyslog
+      state: latest
+
+  - name: ajout du serveur syslog distant 
+    lineinfile:
+      path: /etc/rsyslog.conf
+      line: '*.* @172.20.10.4:514'
+      insertbefore: EOF
+      create: yes 
+    notify:
+      - 5. redemarrer rsyslog
+ 
+        # - name: 3. Ajout de la ligne ForwardToSyslog
+      #shell: echo "ForwardToSyslog=yes" >> /etc/systemd/journald.conf
+ 
+  - name: 4. Decommente la ligne ForwardToSyslog
+    replace:
+      path: /etc/systemd/journald.conf
+      regexp: '^#ForwardToSyslog=yes'
+      replace: 'ForwardToSyslog=yes'
+    notify: 6. redemarrer journald.service
+
+        # notify:
+        #- restart rsyslog
+        #- name: redemarrage de syslog
+        #- restart journald.service
+        #- name: redemarrage de journald.service
+
+  handlers:
+  - name: 5. redemarrer rsyslog
+    service:
+      name: rsyslog
+      state: restarted
+      
+  - name: 6. redemarrer journald.service
+    service:
+      name: systemd-journald.service
+      state: restarted
+
diff --git a/sio2/CYBER/Ansible/syslog.yml b/sio2/CYBER/Ansible/syslog.yml
new file mode 100644
index 0000000..6c7a859
--- /dev/null
+++ b/sio2/CYBER/Ansible/syslog.yml
@@ -0,0 +1,52 @@
+---
+- name: syslog.yml
+  hosts: infra
+  tasks:
+  - name:  1. installer rsyslog
+    apt:
+      name: rsyslog
+      state: latest
+  
+  - name:  2. decommente le chargement du module imudp dans rsyslog.conf
+    replace:
+      path: /etc/rsyslog.conf
+      regexp: '^#module\(load="imudp"\)'
+      replace: 'module(load="imudp")'
+    notify:
+      - 5. redemarrer rsyslog
+ 
+  - name:  3. decommente le chargement du module imudp  port 514 dans rsyslog.conf
+    replace:
+      path: /etc/rsyslog.conf
+      regexp: '^#input\(type="imudp" port="514"\)'
+      replace: 'input(type="imudp" port="514")'
+    notify:
+      - 5. redemarrer rsyslog
+
+        # - name: 3. Ajout de la ligne ForwardToSyslog
+      #shell: echo "ForwardToSyslog=yes" >> /etc/systemd/journald.conf
+ 
+  - name: 4. Decommente la ligne ForwardToSyslog
+    replace:
+      path: /etc/systemd/journald.conf
+      regexp: '^#ForwardToSyslog=yes'
+      replace: 'ForwardToSyslog=yes'
+    notify: 6. redemarrer journald.service
+
+        # notify:
+        #- restart rsyslog
+        #- name: redemarrage de syslog
+        #- restart journald.service
+        #- name: redemarrage de journald.service
+
+  handlers:
+  - name: 5. redemarrer rsyslog
+    service:
+      name: rsyslog
+      state: restarted
+      
+  - name: 6. redemarrer journald.service
+    service:
+      name: systemd-journald.service
+      state: restarted
+