In this mode your script runs not on the server, but locally on your machine, so that you can pause and debug it.
Don't know how to code in JavaScript? Check out this free interactive course!
In this mode your script runs not on the server, but locally on your machine, so that you can pause and debug it.
Don't know how to code in JavaScript? Check out this free interactive course!
Set-PSDebug -Off | |
# splunk service details | |
$splunkService = "SplunkForwarder" | |
# path to splunk configs | |
$splunk_serverconf = 'C:\Program Files\SplunkUniversalForwarder\etc\system\local\server.conf' | |
$splunk_inputsconf = 'C:\Program Files\SplunkUniversalForwarder\etc\system\local\inputs.conf' | |
# get current computername |
the otel collector is a reasonably nice way to scrape prometheus enpoints
it is obviously designed for use with splunk's olly cloud, but the otel collector supports output to splunk hec tokens as well.
im running multiple docker containers (to seperate workloads).
first, create configs
#!/usr/bin/python3 | |
# a quick and dirty dns test script | |
# checks to see if we can resolve a list of hosts | |
# writes to the hec endpoint on the localhost | |
# (expected to be run from hfw) | |
# | |
# cron: * * * * * /root/dnstest.py >/tmp/dnstest.out 2>&1 | |
# | |
# mark.vandenbos@gmail.com |
#!/usr/bin/env bash | |
# set -euxo pipefail | |
# ---- | |
# | |
# report ip address changes to slack channel | |
# | |
# this script detects and reports ip address changes | |
# to me via personal slack message. | |
# |
abandoned | |
able | |
absolute | |
adorable | |
adventurous | |
academic | |
acceptable | |
acclaimed | |
accomplished | |
accurate |
TZ="Australia/Brisbane" | |
SPLUNK_ENDPOINT="https://myendpoint.splunkcloud.com:8089" | |
SPLUNK_USERNAME="splunkusername" | |
SPLUNK_PASSWORD="splunkpassword" | |
SPLUNK_APP="splunkapp" |
#!/bin/bash | |
# | |
# sync specific lastpass credentials with onepass | |
# | |
# my employer uses lastpass, but i use 1password. i dont | |
# want to replicate all my work passwords into 1password | |
# but i do want to replicate a few "critical" passwords | |
# (eg webmail) so i can check my emails from home. this | |
# script is a quick hack to do this. |
| rest splunk_server=local /services/data/inputs/http | |
``` | |
some fields may not be populated so | |
we try to come up with sane defaults | |
``` | |
| eval allowQueryStringAuth = if(isnull(allowQueryStringAuth), "false", allowQueryStringAuth) | |
| eval useACK = if(isnull(useACK), "false", useACK) | |
| eval indexes = if(isnull(indexes), index, mvjoin(indexes, " ")) | |
| fillnull value="" sourcetype | |
| rex field=title ".*\/\/(?<x_description>[^\$]+)" |