💀
Working from Snake Mountain 🐍

Elijah Paul elijahpaul

@elijahpaul
elijahpaul / pfsense2-2.grok
Last active Apr 12, 2021
pfSense 2.2 GROK Pattern
View pfsense2-2.grok
# GROK match pattern for logstash.conf filter: %{PFSENSE_LOG_DATA}%{PFSENSE_IP_SPECIFIC_DATA}%{PFSENSE_IP_DATA}%{PFSENSE_PROTOCOL_DATA}
# GROK Custom Patterns (add to patterns directory and reference in GROK filter for pfSense events):
# GROK Patterns for pfSense 2.2 Logging Format
#
# Created 27 Jan 2015 by J. Pisano (Handles TCP, UDP, and ICMP log entries)
# Edited 14 Feb 2015 by Elijah Paul elijah.paul@gmail.com
# Edited 10 Mar 2015 by Bernd Zeimetz <bernd@bzed.de>
# taken from https://gist.github.com/elijahpaul/f5f32d4e914dcb7fedd2
@elijahpaul
elijahpaul / check-availability.php
Last active Aug 29, 2015
SoYouStart Availability Checker (Mandrill App)
View check-availability.php
<?php
/*
* Script to check SoYouStart availability, based on http://www.tienle.com/2014/09-03/script-check-soyoustart-availability.html
*/
define('CHECK_URL', 'http://ws.ovh.com/dedicated/r2/ws.dispatcher/getAvailability2');
define('NOTIFICATION_EMAILS', 'YOUR_EMAIL@DOMAIN.COM'); // Comma-separated list of notification email addresses
define('SYSTEM_EMAIL', '0'); // 1 = enabled local smtp system
define('MANDRILL', '1'); // 1 = enable email through the Mandrill API; requires an account on https://mandrillapp.com/
define('MANDRILL_API', 'YOUR_MANDRILL_API_KEY'); // Enter your Mandrill App API Key here
@elijahpaul
elijahpaul / pfsense2-2.conf
Last active Jul 9, 2016
pfSense 2.2 Logstash Filter
View pfsense2-2.conf
# Use this filter with pattern file https://gist.github.com/elijahpaul/f5f32d4e914dcb7fedd2
filter {
if "PFSense" in [tags] {
grok {
add_tag => [ "firewall" ]
match => [ "message", "<(?<evtid>.*)>(?<datetime>(?:Jan(?:uary)?|Feb(?:ruary)?|Mar(?:ch)?|Apr(?:il)?|May|Jun(?:e)?|Jul(?:y)?|Aug(?:ust)?|Sep(?:tember)?|Oct(?:ober)?|Nov(?:ember)?|Dec(?:ember)?)\s+(?:(?:0[1-9])|(?:[12][0-9])|(?:3[01])|[1-9]) (?:2[0123]|[01]?[0-9]):(?:[0-5][0-9]):(?:[0-5][0-9])) (?<prog>.*?): (?<msg>.*)" ]
}
mutate {
# Collapse the double space that syslog puts before single-digit days
gsub => ["datetime","  "," "]
}
@elijahpaul
elijahpaul / pfsense2-2.grok
Last active Jan 29, 2019
pfsense2-2.grok
View pfsense2-2.grok
# GROK match pattern for logstash.conf filter: %{LOG_DATA}%{IP_SPECIFIC_DATA}%{IP_DATA}%{PROTOCOL_DATA}
# GROK Custom Patterns (add to patterns directory and reference in GROK filter for pfSense events):
# GROK Patterns for pfSense 2.2 Logging Format
#
# Created 27 Jan 2015 by J. Pisano (Handles TCP, UDP, and ICMP log entries)
# Edited 14 Feb 2015 by E. Paul
#
# Usage: Use with following GROK match pattern
View pub.key
@elijahpaul
elijahpaul / exchange_msg_trak_dash_v1.json
Created Oct 30, 2014
Exchange Server message tracking dashboard (Kibana)
View exchange_msg_trak_dash_v1.json
{
"title": "Exchange Message Tracking Logs",
"services": {
"query": {
"list": {
"0": {
"id": 0,
"color": "#7EB26D",
"alias": "Messages Sent (Internal)",
"pin": true,
@elijahpaul
elijahpaul / pfsense_kibana_dash_v1.json
Created Oct 12, 2014
pfSense firewall dashboard (Kibana)
View pfsense_kibana_dash_v1.json
{
"title": "PFSense Firewall",
"services": {
"query": {
"idQueue": [],
"list": {
"0": {
"query": "tags: \"PFSense\" AND action: \"pass\"",
"alias": "Passed",
"color": "#6ED0E0",
@elijahpaul
elijahpaul / transmission-daemon
Created Jul 27, 2014
Start up transmission-daemon
View transmission-daemon
#!/bin/bash
#
# chkconfig: - 16 84
# description: Start up transmission-daemon
#
# processname: transmission-daemon
# config: /etc/sysconfig/transmission
# source function library
. /etc/rc.d/init.d/functions
View keybase.md

Keybase proof

I hereby claim:

  • I am elijahpaul on github.
  • I am ep (https://keybase.io/ep) on keybase.
  • I have a public key whose fingerprint is 9791 19F0 98C6 89D0 0DBD 7841 13EA B5A3 EE25 BE50

To claim this, I am signing this object: