| [Unit] | |
| Description=CrowdStrike Falcon Host SIEM Connector | |
| ConditionPathExists=/opt/crowdstrike/etc/cs.falconhoseclient.cfg | |
| [Service] | |
| User=daemon | |
| UMask=022 | |
| LimitNOFILE=10000 | |
| TimeoutStopSec=90 | |
| WorkingDirectory=/opt/crowdstrike/bin |
The apt-get version of node is incredibly old, and installing a new copy is a bit of a runaround.
So here's how you can use NVM to quickly get a fresh copy of Node on your new Bash on Windows install
$ touch ~/.bashrc
$ curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.35.3/install.sh | bash
// restart bash
$ nvm install --lts
| certifi==2016.8.8 | |
| elasticsearch-curator==4.0.6 | |
| PyYAML==3.11 |
| input { | |
| syslog = { | |
| type => syslog | |
| port => 514 | |
| } | |
| } | |
| filter { | |
| grok { | |
| type => "auditd" | |
| pattern => [" AUDIT type=%{WORD:audit_type} msg=audit\(%{NUMBER:audit_epoch}:%{NUMBER:audit_coun |
| Latency Comparison Numbers (~2012) | |
| ---------------------------------- | |
| L1 cache reference 0.5 ns | |
| Branch mispredict 5 ns | |
| L2 cache reference 7 ns 14x L1 cache | |
| Mutex lock/unlock 25 ns | |
| Main memory reference 100 ns 20x L2 cache, 200x L1 cache | |
| Compress 1K bytes with Zippy 3,000 ns 3 us | |
| Send 1K bytes over 1 Gbps network 10,000 ns 10 us | |
| Read 4K randomly from SSD* 150,000 ns 150 us ~1GB/sec SSD |
| AUDIT type=%{WORD:audit_type} msg=audit\(%{NUMBER:audit_epoch}:%{NUMBER:audit_counter}\): user pid=%{NUMBER:audit_pid} uid=%{NUMBER:audit_uid} auid=%{NUMBER:audit_audid} subj=%{WORD:audit_subject} msg=%{GREEDYDATA:audit_message} | |
| AUDITLOGIN type=%{WORD:audit_type} msg=audit\(%{NUMBER:audit_epoch}:%{NUMBER:audit_counter}\): login pid=%{NUMBER:audit_pid} uid=%{NUMBER:audit_uid} old auid=%{NUMBER:old_auid} new auid=%{NUMBER:new_auid} old ses=%{NUMBER:old_ses} new ses=%{NUMBER:new_ses} |