
Adrian Serrano adriansr

@adriansr
adriansr / codes.csv
Created May 20, 2022 07:32
SonicWall SonicOS/X 7.0.1 Log Event Messages list in CSV format
EventID SonicOS/XCategory Name SonicOS/XGroup Name Syslog LegacyCategory PriorityLevel SNMPTrap Type Event Name Log Event Message
4 System Status Maintenance ALERT 5201 Activate Firewall Network Security Appliance activated
5 Log General Maintenance INFO 5601 Clear Log Log Cleared
6 Log E-mail Maintenance INFO 5602 E-mail Log Log successfully sent via E-mail
10 Security Services General System Error ERROR 602 Setting Error on Load Problem loading the URL List; check Filter settings
12 Log E-mail System Error WARNING 604 E-mail Check Error on Load Problem sending log E-mail; check log settings
14 Security Services Content Filter Blocked Sites ERROR 701 Website Blocked Web site access denied
16 Security Services Content Filter Blocked Sites NOTICE 703 Website Accessed Web site access allowed
22 Security Services Attacks Attack ALERT 501 Ping of Death Blocked Ping of death dropped
23 Security Services Attacks Attack ALERT 502 IP Spoof Detected IP spoof dropped
@adriansr
adriansr / printGforce.nas
Created November 7, 2020 11:36
flightgear landing evaluator
# Print the G-force on touchdown.
var VERSION = "1.1";
props.globals.initNode("position/gear-agl-ft", 0);
var N = 100;
var count = N;
var maxG = 0.0;
var minVs = 0.0;
var touchGs = 0.0;
// Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
// or more contributor license agreements. Licensed under the Elastic License;
// you may not use this file except in compliance with the Elastic License.
var processor = require("processor");
var console = require("console");
var device;
// Register params from configuration.
// Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
// or more contributor license agreements. Licensed under the Elastic License;
// you may not use this file except in compliance with the Elastic License.
var processor = require("processor");
var console = require("console");
var device;
// Register params from configuration.
GOROOT=/Users/adrian/.gvm/versions/go1.13.10.darwin.amd64 #gosetup
GOPATH=/Users/adrian/go #gosetup
/Users/adrian/.gvm/versions/go1.13.10.darwin.amd64/bin/go test -c -o /private/var/folders/4t/d2fxfql505j76bjd6yb6qhc80000gn/T/___TestReplaceIndexInIndexPattern_in_github_com_elastic_beats_v7_libbeat_dashboards github.com/elastic/beats/v7/libbeat/dashboards #gosetup
/Users/adrian/.gvm/versions/go1.13.10.darwin.amd64/bin/go tool test2json -t /private/var/folders/4t/d2fxfql505j76bjd6yb6qhc80000gn/T/___TestReplaceIndexInIndexPattern_in_github_com_elastic_beats_v7_libbeat_dashboards -test.v -test.run ^TestReplaceIndexInIndexPattern$ #gosetup
=== RUN TestReplaceIndexInIndexPattern
=== RUN TestReplaceIndexInIndexPattern/Replace_in_[]interface(map).map
=== RUN TestReplaceIndexInIndexPattern/Replace_in_[]interface(map).mapstr
=== RUN TestReplaceIndexInIndexPattern/Replace_in_[]map.mapstr
=== RUN TestReplaceIndexInIndexPattern/Replace_in_[]mapstr.mapstr
=== RUN TestReplaceIndexInIndexPattern/Replace_in_[]maps
{
"filebeat-8.0.0-cisco-asa-asa-ftd-pipeline" : {
"description" : "Pipeline for Cisco ASA logs",
"processors" : [
{
"grok" : {
"field" : "message",
"patterns" : [
"(?:%{SYSLOG_HEADER})?\\s*%{GREEDYDATA:log.original}"
],
@adriansr
adriansr / diff-filebeat-fileset-test-failure.py
Last active October 24, 2019 08:52
Diff filebeat module fileset test failure
# Helper to find what's wrong when a Filebeat fileset
# fails with the error:
#
# The following expected object was not found:
# {
# [...]
# }
# Searched in:
# [
# [...]
@adriansr
adriansr / random_cisco_asa.py
Created April 4, 2019 21:36
Random Cisco ASA logs generator
from datetime import datetime, date, time, timedelta
import random
class WeightedRand:
def __init__(self, weights):
self.v = []
self.n = sum(weights.values())
for (k, v) in weights.iteritems():
self.v += [k] * v
@adriansr
adriansr / iptables_random.py
Created April 4, 2019 21:35
Random log generator for iptables module
import os
import random as rnd
import re
import sys
# Module-level state for the generator. How these two containers are filled
# is not visible in this preview.
# NOTE(review): presumably they track addresses already seen or produced;
# confirm against the full file.
random_ips = set()
ips = {}
# First three octets of the RFC 5737 documentation ranges: 192.0.2.0/24
# (TEST-NET-1), 198.51.100.0/24 (TEST-NET-2) and 203.0.113.0/24 (TEST-NET-3).
# These ranges are reserved for examples, so addresses built from them do not
# refer to real hosts.
doc_ips = [[192, 0, 2], [198, 51, 100], [203, 0, 113]]
known_prefixes = set([ '.'.join([str(y) for y in x ]) for x in [
# local login failed
"type=USER_AUTH msg=audit(1553622768.697:628): pid=6261 uid=0 auid=1002 ses=40 msg='op=PAM:authentication acct=\"root\" exe=\"/bin/login\" hostname=? addr=? terminal=/dev/pts/1 res=failed'"
"type=USER_LOGIN msg=audit(1553622768.697:629): pid=6261 uid=0 auid=1002 ses=40 msg='op=login acct=\"root\" exe=\"/bin/login\" hostname=? addr=? terminal=/dev/pts/1 res=failed'"
# local login succeeded
"type=USER_AUTH msg=audit(1553622784.557:630): pid=6261 uid=0 auid=1002 ses=40 msg='op=PAM:authentication acct=\"adrian\" exe=\"/bin/login\" hostname=? addr=? terminal=/dev/pts/1 res=success'"
"type=USER_LOGIN msg=audit(1553622784.973:634): pid=6261 uid=0 auid=1002 ses=40 msg='op=login acct=\"adrian\" exe=\"/bin/login\" hostname=? addr=? terminal=/dev/pts/1 res=success'"