Peter Titov iamhowardtheduck
iamhowardtheduck
/ gist:c67b65c1652c6508aafcd1da08f0ce30
Created
September 6, 2020 21:59
Zoneminder zmc_m#.log ECS Compliant Ingest Node Pipeline Processor
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| PUT _ingest/pipeline/zoneminder-c | |
| { | |
| "processors": [ | |
| { | |
| "dissect": { | |
| "field": "message", | |
| "pattern": "%{Date} %{TimeS} %{zoneminder.camera.id}[%{process.pid}].%{zoneminder.event.type}-zm_monitor.cpp/%{Discard-1} [%{zoneminder.camera.name}: images:%{zoneminder.camera.images} - Capturing at %{zoneminder.camera.fps} fps, capturing bandwidth %{zoneminder.camera.bytes}bytes/sec]", | |
| "ignore_failure": true, | |
| "description": "zoneminder-c FPS & Bytes", | |
| "ignore_missing": true |
iamhowardtheduck
/ gist:72f6c5277d45a06d261863510cbc65f0
Created
September 6, 2020 21:59
Zoneminder zma_m#.log ECS Compliant Ingest Node Pipeline Processor
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| PUT _ingest/pipeline/zoneminder-a | |
| { | |
| "processors": [ | |
| { | |
| "dissect": { | |
| "field": "message", | |
| "pattern": "%{Date} %{TimeS} %{zoneminder.camera.id}[%{process.pid}].%{zoneminder.event.type}-zm_monitor.cpp/%{Discard-1} [%{zoneminder.camera.name}: %{Images} - Opening new event %{zoneminder.alarm.id}, section start]", | |
| "ignore_failure": true, | |
| "description": "zoneminder-a New Alert Start", | |
| "ignore_missing": true |
iamhowardtheduck
/ pat-status
Created
August 28, 2020 01:42
Index template for Port Authority of Pittsburgh API feed.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| PUT _index_template/pat-status | |
| { | |
| "version": 1, | |
| "template": { | |
| "settings": { | |
| "index": { | |
| "lifecycle": { | |
| "name": "PAT-Status", | |
| "rollover_alias": "pat-status" | |
| }, |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| sudo yum install -y perl-Digest-SHA wget unzip | |
| wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.8.0-darwin-x86_64.tar.gz | |
| wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.8.0-darwin-x86_64.tar.gz.sha512 | |
| shasum -a 512 -c elasticsearch-7.8.0-darwin-x86_64.tar.gz.sha512 | |
| tar -xzf elasticsearch-7.8.0-darwin-x86_64.tar.gz | |
| mv elasticsearch-7.8.0/config/elasticsearch.yml elasticsearch-7.8.0/config/elasticsearch.yml.backup | |
| touch elasticsearch-7.8.0/config/elasticsearch.yml | |
| echo "Please input the IP address found below:" | |
| echo "" | |
| ip a |
iamhowardtheduck
/ LogstashMathPluginInstall.sh
Last active
April 26, 2020 16:53
Logstash Math Filter Plugin Install
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| git clone https://github.com/robin13/logstash-filter-math.git && cd logstash-filter-math/ && yum install gem* -y && gem build logstash-filter-math.gemspec && /usr/share/logstash/bin/logstash-plugin install --no-verify && /usr/share/logstash/bin/logstash-plugin install logstash-filter-math && service logstash restart |
iamhowardtheduck
/ COVID-19-Timeseries-Deprecated-Historical.conf
Created
March 25, 2020 23:10
COVID-19 Time-series Deprecated Historical Data Logstash Pipeline
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| input { | |
| file { | |
| path => ["/COVID-19/csse_covid_19_data/csse_covid_19_time_series/time_series_19-covid-Confirmed.csv", "/COVID-19/csse_covid_19_data/csse_covid_19_time_series/time_series_19-covid-Deaths.csv", "/COVID-19/csse_covid_19_data/csse_covid_19_time_series/time_series_19-covid-Recovered.csv" ] | |
| start_position => "beginning" | |
| } } | |
| filter { | |
| if [path] == "/COVID-19/csse_covid_19_data/csse_covid_19_time_series/time_series_19-covid-Confirmed.csv" { mutate { add_field => { "tags" => "Confirmed" }}} | |
| if [path] == "/COVID-19/csse_covid_19_data/csse_covid_19_time_series/time_series_19-covid-Recovered.csv" { mutate { add_field => { "tags" => "Recovered" }}} |
iamhowardtheduck
/ COVID-19-euro.conf
Last active
March 15, 2020 13:08
Coronavirus "COVID-19-euro.conf" Logstash Pipeline
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| input { | |
| file { | |
| path => "/var/log/COVID-19-Euro/*.csv" | |
| start_position => "beginning" | |
| } } | |
| filter { | |
| csv { | |
| skip_empty_columns => true |
iamhowardtheduck
/ COVID-19_Visualizations.ndjson
Last active
March 8, 2020 22:13
Coronavirus Visualizations
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| {"attributes":{"fieldFormatMap":"{\"Country\":{\"id\":\"string\",\"params\":{\"parsedUrl\":{\"origin\":\"https://5-eyes:5601\",\"pathname\":\"/app/kibana\",\"basePath\":\"\"}}}}","fields":"[{\"name\":\"@timestamp\",\"type\":\"date\",\"esTypes\":[\"date\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"@version\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"@version.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"@version\"}}},{\"name\":\"Confirmed\",\"type\":\"number\",\"esTypes\":[\"integer\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"Country\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false, |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| PUT _template/coronavirus | |
| { | |
| "version": 1, | |
| "order": 0, | |
| "index_patterns": [ | |
| "covid-19-john*", | |
| "covid-19-euro*", | |
| "covid-19*" | |
| ], | |
| "settings": { |
iamhowardtheduck
/ COVID-19_Index_Pattern.ndjson
Last active
March 8, 2020 18:48
COVID-19_Index_Pattern.ndjson
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| {"attributes":{"fieldFormatMap":"{\"Country\":{\"id\":\"string\",\"params\":{\"parsedUrl\":{\"origin\":\"https://5-eyes:5601\",\"pathname\":\"/app/kibana\",\"basePath\":\"\"}}}}","fields":"[{\"name\":\"@timestamp\",\"type\":\"date\",\"esTypes\":[\"date\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"@version\",\"type\":\"string\",\"esTypes\":[\"text\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":false,\"readFromDocValues\":false},{\"name\":\"@version.keyword\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true,\"subType\":{\"multi\":{\"parent\":\"@version\"}}},{\"name\":\"Confirmed\",\"type\":\"number\",\"esTypes\":[\"integer\"],\"count\":0,\"scripted\":false,\"searchable\":true,\"aggregatable\":true,\"readFromDocValues\":true},{\"name\":\"Country\",\"type\":\"string\",\"esTypes\":[\"keyword\"],\"count\":0,\"scripted\":false, |