Andrew Cholakian andrewvc

## logstash-character-hack.conf
input { generator {} }
filter {
  ruby {
    # Add a \t (tab) by using its ASCII code (9)
    code => 'event.set("message", 9.chr + event.get("message"))'
  }

  ruby {
    # Make a new field with the tab removed
    code => 'event.set("tabless", event.get("message").gsub(9.chr, ""))'

## example.sh
./logstash_benchmarker.rb --warmup 60 --duration 120 -e  "input { generator {} } output { elasticsearch {} }"

## keybase.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                andrewvc
                / keybase.md
            
            
              Created
              March 24, 2016 17:23
            
          
    Keybase proof

I hereby claim:

I am andrewvc on github.
I am andrewvc (https://keybase.io/andrewvc) on keybase.
I have a public key whose fingerprint is D111 4B56 078A A1FF A5FD  7DE3 46AC D7C3 2B45 0C77

To claim this, I am signing this object:

  
## simplekv.conf
input {
  generator {
    message => "baz=bot blah=bar"
    count => 10000000
  }
}

filter {
  kv {}
  mutate {

## apache-no-io
input {
  stdin {}
}

filter {
  grok {
    match => {
      "message" => '%{IPORHOST:clientip} %{USER:ident} %{USER:auth} \[%{HTTPDATE:timestamp}\] "%{WORD:verb} %{DATA:request} HTTP/%{NUMBER:httpversion}" %{NUMBER:response:int} (?:-|%{NUMBER:bytes:int}) %{QS:referrer} %{QS:agent}'
    }
  }

## gist:b25097d19aa50df8e05f
input {
  generator {
    lines => ["foo", "bar", "baz", "something bad"]
    count => 1000000
  }
}

filter {
  if [message] == "foo" {
    mutate { add_field => { "is_foo" => true }}

## lightshow.c
#include <stdio.h>
#include <stdlib.h>
#include <wiringPi.h>
#include <unistd.h>

typedef struct
{
  int num;
  int state;
} Pin;

## documents.yaml
_type: product
name: Vacuum Cleaner
---
_type: product
name: Turkey Baster

## elasticsearch.conf
# ElasticSearch upstart script

description     "ElasticSearch service"

start on (net-device-up
          and local-filesystems
          and runlevel [2345])

stop on runlevel [016]

## laruby-elasticsearchtalk.md

      
              1 file
            
          
              1 fork
            
          
              0 comments
            
          
              9 stars
            
          
                andrewvc
                / laruby-elasticsearchtalk.md
            
            
              Last active
              December 18, 2015 11:58
            
          
    An Elasticsearch in Crash Course!

By Andrew Cholakian

All examples use the Stretcher ruby gem
What is Elasticsearch?


An Information Retrieval (IR) System
A way to search your data in terms of natural language, and so much more
	input { generator {} }
	filter {
	ruby {
	# Add a \t (tab) by using its ASCII code (9)
	code => 'event.set("message", 9.chr + event.get("message"))'
	}

	ruby {
	# Make a new field with the tab removed
	code => 'event.set("tabless", event.get("message").gsub(9.chr, ""))'
	input {
	generator {
	message => "baz=bot blah=bar"
	count => 10000000
	}
	}

	filter {
	kv {}
	mutate {
	input {
	stdin {}
	}

	filter {
	grok {
	match => {
	"message" => '%{IPORHOST:clientip} %{USER:ident} %{USER:auth} \[%{HTTPDATE:timestamp}\] "%{WORD:verb} %{DATA:request} HTTP/%{NUMBER:httpversion}" %{NUMBER:response:int} (?:-\|%{NUMBER:bytes:int}) %{QS:referrer} %{QS:agent}'
	}
	}
	input {
	generator {
	lines => ["foo", "bar", "baz", "something bad"]
	count => 1000000
	}
	}

	filter {
	if [message] == "foo" {
	mutate { add_field => { "is_foo" => true }}
	#include <stdio.h>
	#include <stdlib.h>
	#include <wiringPi.h>
	#include <unistd.h>

	typedef struct
	{
	int num;
	int state;
	} Pin;
	_type: product
	name: Vacuum Cleaner
	---
	_type: product
	name: Turkey Baster
	# ElasticSearch upstart script

	description "ElasticSearch service"

	start on (net-device-up
	and local-filesystems
	and runlevel [2345])

	stop on runlevel [016]