acharlieh

This is a Gist of useful Splunk Queries.

acharlieh

| noop 
| stats count 
| fields 
| eval raw=split("a=3 b=9 ; a=5 b=1 ; a=10 b=10 ; a=5 b=8 ; a=3 b=1 ; a=6 b=9 ; a=4 b=9 ; a=3 b=1 ; a=7 b=7 ; a=5 b=9 ; a=6 b=10 ; a=7 b=10 ; a=6 b=7 ; a=1 b=8 ; a=8 b=7 ; a=6 b=6 ; a=3 b=7 ; a=2 b=8 ; a=9 b=3 ; a=5 b=2 ; a=5 b=8 ; a=8 b=10 ; a=10 b=7 ; a=6 b=1 ; a=2 b=4 ; a=5 b=7 ; a=9 b=5 ; a=6 b=7 ; a=9 b=6 ; a=4 b=10 ; a=10 b=7 ; a=7 b=7 ; a=6 b=6 ; a=6 b=3 ; a=2 b=9 ; a=2 b=7 ; a=2 b=5 ; a=3 b=9 ; a=3 b=9 ; a=1 b=5 ; a=5 b=7 ; a=5 b=3 ; a=6 b=6 ; a=10 b=9 ; a=3 b=2 ; a=10 b=8 ; a=1 b=4 ; a=4 b=4 ; a=2 b=4 ; a=9 b=4 ; a=2 b=1 ; a=3 b=6 ; a=2 b=3 ; a=1 b=9 ; a=10 b=6 ; a=2 b=6 ; a=3 b=3 ; a=10 b=6 ; a=3 b=5 ; a=2 b=5 ; a=5 b=5 ; a=6 b=4 ; a=5 b=5 ; a=6 b=10 ; a=4 b=8 ; a=5 b=1 ; a=3 b=1 ; a=3 b=7 ; a=3 b=4 ; a=6 b=10 ; a=1 b=8 ; a=9 b=9 ; a=8 b=4 ; a=7 b=8 ; a=7 b=9 ; a=1 b=3 ; a=9 b=8 ; a=2 b=3 ; a=7 b=1 ; a=2 b=8 ; a=6 b=3 ; a=6 b=6 ; a=1 b=3 ; a=7 b=1 ; a=8 b=1 ; a=10 b=5 ; a=7 b=6 ; a=2 b=8 ; a=1 b=4 ; a=8 b=6 ; a=5 b=10 ; a=10 b=7 ; a=7 b=4 ; a=10 b=4 ; a=5 b=9 ; a=8 b

acharlieh

<dashboard>
  <label>Timezone Test</label>
  <row>
    <panel>
      <title>User Info</title>
      <single>
        <title>User Time Zone</title>
        <search id="info">
          <query>
            <![CDATA[

acharlieh

def bars(k)
  n = chord(k,:sus4)
  ([n[0]]*4 + [n[1]]*2 + [n[0]]*2 + [n[2],n[1]] + [n[0]]*2)
end

use_bpm 200
use_synth :piano
use_debug false

set :key, :C2

acharlieh

alias jpgoptim='find . -iname '"'"'*.jpg'"'"' -exec convert {} -sampling-factor 4:2:0 -strip -quality 85 -interlace JPEG -colorspace sRGB {}.new \; -exec bash -c "ls -l {} {}.new | awk '"'"'/\.jpg\$/ {old=\$5;oldf=\$9} /\.jpg\.new\$/ {new=\$5;newf=\$9} END { if(old<=new) print \"rm \" newf; else print \"mv \" newf \" \" oldf  }'"'"' " \; | bash -x'

acharlieh

Keybase proof

I hereby claim:

• I am acharlieh on github.
• I am acharlieh (https://keybase.io/acharlieh) on keybase.
• I have a public key ASCTCJPIiM2QV1Bq-J5ffyxWr3k473iamt6WWV4ohHZusAo

To claim this, I am signing this object:

acharlieh

| gentimes increment=1s 
    [ makeresults 
    | addinfo 
    | rename info_max_time -> end info_min_time -> start 
    | fields start end 
    | convert timeformat="%m/%d/%y:%H:%M:%S" ctime(*) as * 
    | format "" "" "" "" "" ""] 
| rename starttime -> _time 
| fields 
| bin span=1h _time as hourly 

acharlieh

require 'json'

# Cookbooks from a folder (like when you do a berks vendor)
# json = Dir.glob('./*/metadata.json').collect do |file|

# Cookbooks from a node cache
json = Dir.glob('/var/chef/cache/cookbooks/*/metadata.json').collect do |file|
  hash = JSON.parse(File.read(file))
  { hash['name'] => hash['version'] }
end.reduce({}, :merge).to_json

acharlieh

require 'chef-vault'
data = JSON.parse(File.open('data_bags/cerner_splunk/license_secrets_keys.json').read())

keys = (data['clients'] + data['admins']).inject({}) do |m,c|
  pem = (c == 'knife_workstation') ? 'fake-key.pem' : "pems/#{c}.pem"
  private_key = OpenSSL::PKey::RSA.new(File.open(pem).read())
  m[c] = private_key.private_decrypt(Base64.decode64(data[c]))
  m
end

acharlieh

# -*- mode: ruby -*-
# vi: set ft=ruby :

@boxes = {
  centos510: {box:'opscode_centos-5.10_provisionerless',box_url:'http://opscode-vm-bento.s3.amazonaws.com/vagrant/virtualbox/opscode_centos-5.10_chef-provisionerless.box'},
  centos65: {box:'opscode_centos-6.5_provisionerless',box_url:'http://opscode-vm-bento.s3.amazonaws.com/vagrant/virtualbox/opscode_centos-6.5_chef-provisionerless.box'},
}

Vagrant.configure('2') do |config|
  config.berkshelf.enabled = false