Skip to content

Instantly share code, notes, and snippets.

Elijah Paul elijahpaul

Block or report user

Report or block elijahpaul

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
@elijahpaul
elijahpaul / pfsense2-2.grok
Last active Oct 25, 2018
pfSense 2.2 GROK Pattern
View pfsense2-2.grok
# GROK match pattern for logstash.conf filter: %{PFSENSE_LOG_DATA}%{PFSENSE_IP_SPECIFIC_DATA}%{PFSENSE_IP_DATA}%{PFSENSE_PROTOCOL_DATA}
# GROK Custom Patterns (add to patterns directory and reference in GROK filter for pfSense events):
# GROK Patterns for pfSense 2.2 Logging Format
#
# Created 27 Jan 2015 by J. Pisano (Handles TCP, UDP, and ICMP log entries)
# Edited 14 Feb 2015 by Elijah Paul elijah.paul@gmail.com
# Edited 10 Mar 2015 by Bernd Zeimetz <bernd@bzed.de>
# taken from https://gist.github.com/elijahpaul/f5f32d4e914dcb7fedd2
@elijahpaul
elijahpaul / check-availability.php
Last active Aug 29, 2015
SoYouStart Availability Checker (Mandrill App)
View check-availability.php
<?php
/*
* Script to check SoYouStart availability, based on http://www.tienle.com/2014/09-03/script-check-soyoustart-availability.html
*/
define('CHECK_URL', 'http://ws.ovh.com/dedicated/r2/ws.dispatcher/getAvailability2');
define('NOTIFICATION_EMAILS', 'YOUR_EMAIL@DOMAIN.COM'); // Comma separated list of notifaction email address
define('SYSTEM_EMAIL', '0'); // 1 = enabled local smtp system
define('MANDRILL', '1'); // 1 = enable email through mandrill api, require an account on https://mandrillapp.com/
define('MANDRILL_API', 'YOUR_MANDRILL_API_KEY'); // Enter your Mandrill App API Key here
@elijahpaul
elijahpaul / pfsense2-2.conf
Last active Jul 9, 2016
pfSense 2.2 Logstash Filter
View pfsense2-2.conf
# Use this filter with pattern file https://gist.github.com/elijahpaul/f5f32d4e914dcb7fedd2
filter {
if "PFSense" in [tags] {
grok {
add_tag => [ "firewall" ]
match => [ "message", "<(?<evtid>.*)>(?<datetime>(?:Jan(?:uary)?|Feb(?:ruary)?|Mar(?:ch)?|Apr(?:il)?|May|Jun(?:e)?|Jul(?:y)?|Aug(?:ust)?|Sep(?:tember)?|Oct(?:ober)?|Nov(?:ember)?|Dec(?:ember)?)\s+(?:(?:0[1-9])|(?:[12][0-9])|(?:3[01])|[1-9]) (?:2[0123]|[01]?[0-9]):(?:[0-5][0-9]):(?:[0-5][0-9])) (?<prog>.*?): (?<msg>.*)" ]
}
mutate {
gsub => ["datetime"," "," "]
}
@elijahpaul
elijahpaul / pfsense2-2.grok
Last active Jan 29, 2019
pfsense2-2.grok
View pfsense2-2.grok
# GROK match pattern for logstash.conf filter: %{LOG_DATA}%{IP_SPECIFIC_DATA}%{IP_DATA}%{PROTOCOL_DATA}
# GROK Custom Patterns (add to patterns directory and reference in GROK filter for pfSense events):
# GROK Patterns for pfSense 2.2 Logging Format
#
# Created 27 Jan 2015 by J. Pisano (Handles TCP, UDP, and ICMP log entries)
# Edited 14 Feb 2015 by E. Paul
#
# Usage: Use with following GROK match pattern
View pub.key
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1
mQINBFRksYUBEADi8nC8xuOWq25oS+OEBTxcfuZUhkoYKIBL2D+mOXk64TiQXwKi
2Diu5H+6GRnXAgWwaZFhj356fk+jUiCW2b0gzJE/aA7kNfcGyzEatTAFia+SZTrv
INvnY23i2/JVGodKFOq5tUoKajxGiJUFlWy5w9Fgo+BScNR2dblRP228JZn2MLXs
nkmAckW8r/cFhCyEpR6S5bwXe7ly0gVNUSfEJbOKBpYIyvokpmsswaIVGuLdu9mh
QFZpXL9QMwJ0SOdtNPc1lpWN494q5pelPQP+NsiA90PzQLPgJLgaT03nEn7XOl2G
1otZpERnhLOGimzKqOKRcoSwOt1AuFBdOiUXBYixheuzBgpMlmrTTxa6XwSRqLAJ
DqAVxRXnJ+ZuGR87BSc8diA6Hg+gSoxgUlrkD3t83tXzZJeHmvp2tonDb/Gjm0Qe
@elijahpaul
elijahpaul / exchange_msg_trak_dash_v1.json
Created Oct 30, 2014
Exchange Server message tracking dashboard (Kibana)
View exchange_msg_trak_dash_v1.json
{
"title": "Exchange Message Tracking Logs",
"services": {
"query": {
"list": {
"0": {
"id": 0,
"color": "#7EB26D",
"alias": "Messages Sent (Internal)",
"pin": true,
@elijahpaul
elijahpaul / pfsense_kibana_dash_v1.json
Created Oct 12, 2014
pfSense firewall dashboard (Kibana)
View pfsense_kibana_dash_v1.json
{
"title": "PFSense Firewall",
"services": {
"query": {
"idQueue": [],
"list": {
"0": {
"query": "tags: \"PFSense\" AND action: \"pass\"",
"alias": "Passed",
"color": "#6ED0E0",
@elijahpaul
elijahpaul / transmission-daemon
Created Jul 27, 2014
Start up transmission-daemon
View transmission-daemon
#!/bin/bash
#
# chkconfig: - 16 84
# description: Start up transmission-daemon
#
# processname: transmission-daemon
# config: /etc/sysconfig/transmission
# source function library
. /etc/rc.d/init.d/functions
View keybase.md

Keybase proof

I hereby claim:

  • I am elijahpaul on github.
  • I am ep (https://keybase.io/ep) on keybase.
  • I have a public key whose fingerprint is 9791 19F0 98C6 89D0 0DBD 7841 13EA B5A3 EE25 BE50

To claim this, I am signing this object:

You can’t perform that action at this time.