@imweijh
imweijh / .screenrc
Created January 20, 2017 02:38 — forked from joaopizani/.screenrc
A killer GNU Screen Config
# the following two lines give a two-line status, with the current window highlighted
hardstatus alwayslastline
hardstatus string '%{= kG}[%{G}%H%? %1`%?%{g}][%= %{= kw}%-w%{+b yk} %n*%t%?(%u)%? %{-}%+w %=%{g}][%{B}%m/%d %{W}%C%A%{g}]'
# huge scrollback buffer
defscrollback 5000
# no welcome message
startup_message off
#!/bin/bash
# Make sure we have the dev tools
yum groupinstall "Development Tools"
# Just in case you started installing dependencies from yum
yum -y remove libnfnetlink
# let's put the source code here
mkdir -p ~/.src
@imweijh
imweijh / readme.md
Created February 11, 2017 15:14 — forked from jordansissel/readme.md
logstash + you + me.

logstash needs full time love.

There are roughly 70 code contributors to the logstash project as of today. Many more exist as helpful folks on IRC and the mailing list. Others post awesome bug reports and feature requests. The community is simply awesome.

I've been working on logstash for about 2 years. All as a hobby - all part-time. About 70% of the current content (commits, 'git blame' lines, etc) are by me.

Unfortunately, I've never used logstash in production. (Embarrassing, I know!)

I'm embarrassed to answer user questions like "How do I optimize elasticsearch's storage?" with "Sorry, I've never used elasticsearch outside of my laptop."

@imweijh
imweijh / Why JRuby.md
Created February 12, 2017 02:16 — forked from jordansissel/Why JRuby.md
logstash, why jruby?

Long story, short: I'm totally open to supporting more rubies if possible. Details follow.

Related issue: http://code.google.com/p/logstash/issues/detail?id=37

Summary:

  • core and stdlib ruby changes violently and without notice and without backwards compatibility. I want nothing of that.
  • need a cross-ruby date library that isn't part of stdlib (see previous point) and is also good.
  • need an easy way to use multiple cpus that is cross-ruby (threads are not it)
@imweijh
imweijh / logstash-sflow-filter
Created February 21, 2017 02:08 — forked from whiskeyalpharomeo/logstash-sflow-filter
Logstash Filter for Processing sFlow FLOW records
#################
# Sflow Filters #
#################
filter {
if [type] == "sflow" {
# sFlow sends two kinds of messages - CNTRs and FLOWs
# I'm not doing anything with CNTRs at this point, so
@imweijh
imweijh / logstash-iana-protocols-dictionary
Created February 21, 2017 02:10 — forked from whiskeyalpharomeo/logstash-iana-protocols-dictionary
Logstash IANA Protocols YAML Dictionary
"0": HOPOPT
"1": ICMP
"2": IGMP
"3": GGP
"4": IPv4
"5": ST
"6": TCP
"7": CBT
"8": EGP
"9": IGP
@imweijh
imweijh / logstash-tcp-flags-dictionary
Created February 21, 2017 02:10 — forked from whiskeyalpharomeo/logstash-tcp-flags-dictionary
Logstash TCP Flags YAML Dictionary
"0x00": NULL
"0x01": FIN
"0x02": SYN
"0x03": FIN-SYN
"0x08": PSH
"0x09": FIN-PSH
"0x0A": SYN-PSH
"0x0B": FIN-SYN-PSH
"0x10": ACK
"0x11": FIN-ACK
@imweijh
imweijh / curator_windows_executable.md
Created March 7, 2017 01:13 — forked from untergeek/curator_windows_executable.md
Build a Windows binary for Curator with Nuitka

Curator Binary Creation (Windows Edition)

Prerequisites

Please install in this order.

Install Python

  • Download 2.7.9 (64-bit)
  • Install with these options:
    • Install for all users
    • Customize Python 2.7.9:
      • Select Add python.exe to Path
@imweijh
imweijh / sshtunnel.go
Created March 28, 2017 10:57 — forked from iamralch/sshtunnel.go
SSH tunnelling in Golang
package main
import (
"log"
"bufio"
"time"
"os"
"fmt"
"io"
"net"
@imweijh
imweijh / gist:c917ad22957efe6a93eaacc763242ce7
Created April 12, 2017 08:29 — forked from rmoff/gist:0b7866b7e17059920a9ab1a80ea18eb4
Metricbeat / Timelion / Kibana anomaly detection expression
$thres=0.02, .es(index='metricbeat*',metric='max:system.cpu.user.pct').lines(1).if(eq, 0, null).holt(0.9, 0.1, 0.9, 0.5h).color(#eee).lines(10).label('Prediction'), .es(index='metricbeat*',metric='max:system.cpu.user.pct').color(#666).lines(1).label(Actual), .es(index='metricbeat*',metric='max:system.cpu.user.pct').lines(1).if(eq, 0, null).holt(0.9, 0.1, 0.9, 0.5h).subtract(.es(index='metricbeat*',metric='max:system.cpu.user.pct')).abs().if(lt, $thres, null, .es(index='metricbeat*',metric='max:system.cpu.user.pct')).points(10,3,0).color(#c66).label('Anomaly').title('max:system.cpu.user.pct / @rmoff')