This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Create a temp timestamp field from the dates field | |
mutate { | |
add_field => [ "tmpts", "${dates}" ] | |
} | |
# Add the heure field to create an array of both fields | |
mutate { | |
merge => ["tmpts", "heure"] | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
### Keybase proof | |
I hereby claim: | |
* I am coolacid on github. | |
* I am coolacid (https://keybase.io/coolacid) on keybase. | |
* I have a public key whose fingerprint is D6A0 7736 D260 804B 9289 254B 7B72 7179 9E47 83CB | |
To claim this, I am signing this object: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
BTC: 1G2bhiJxsuNzJzyCERPQssh1KEChTXgNY2 | |
LTC: LaxvCQayvnL8mqJXVxqcZCtHo2HsLHMTxh | |
Doge: DHu7qGvaVw4jqYkpdHJj4KQF81RFxdvMN3 | |
Gratipay: https://gratipay.com/coolacid/ | |
Streamtip: https://streamtip.com/t/coolacid |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python2 | |
# Quick and dirty demonstration of CVE-2014-0160 by Jared Stafford (jspenguin@jspenguin.org) | |
# The author disclaims copyright to this source code. | |
import sys | |
import struct | |
import socket | |
import time | |
import select |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
date { | |
# May 08 10:18:18 | |
match => ["timestamp", "MMM dd HH:mm:ss"] | |
# We don't have a timezone on the log, so we can define it. | |
timezone => "America/Toronto" | |
target => "timestamp" | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Config file here: https://github.com/coolacid/GettingStartedWithELK/blob/master/Other/KV/KV_Stomping.conf | |
10,000 of each generator type | |
Command: time bin/logstash -f KV_Stomping.conf > /dev/null | |
With Conditionals | |
real 0m21.677s | |
user 0m44.223s | |
sys 0m1.781s |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
find . -name '*timthumb.php' -o -name '*img.php' | xargs grep -i "WEBSHOT_ENABLED" | grep -i true | grep -vi error |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/python | |
# | |
# Copyright (c) 2014 Nicolas Blais | |
# All rights reserved. | |
# | |
# Redistribution and use in source and binary forms, with or without | |
# modification, are permitted provided that the following conditions | |
# are met: | |
# 1. Redistributions of source code must retain the above copyright | |
# notice, this list of conditions and the following disclaimer. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python | |
from pygithub3 import Github | |
from subprocess import call | |
import os | |
gh = Github() | |
#es = gh.orgs.get('elasticsearch') | |
repos = gh.repos.list_by_org('logstash-plugins') |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
input { | |
generator { | |
message => "9.8.7.6 5.4.3.2" | |
count => 1 | |
} | |
} | |
filter { | |
grok { | |
match => [ "message", "%{IPORHOST:src} %{IPORHOST:dst}" ] |
OlderNewer