Jan Doberstein jalogisch

## nginx_graylog.conf

# Graylog in Subdirectorie
#
# server.conf settings:
#         rest_listen_uri = http://192.168.10.11:9000/serveurgraylog/api/
#         web_listen_uri = http://192.168.10.11:9000/serveurgraylog/
#
server {
        listen      80 ;
        server_name g1422.lan;

## 0_reuse_code.js
// Use Gists to store code you would like to remember later on
console.log(window); // log the "window" object to the console

## dns_masq_content_pack.json
{
  "name": "PiHOLE",
  "description": "Creates Information Dashboard from pihole with enriched data ( https://gist.github.com/jalogisch/922b7a3438c5c6f5b9d02557d33ab2eb )",
  "category": "DNS Intel",
  "inputs": [],
  "streams": [],
  "outputs": [],
  "dashboards": [
    {
      "title": "DNS Intel",

## dnsmasq_clean_message
rule "dnsmasq clean message"
when
     has_field("programname") AND contains(to_string($message.programname), "dnsmasq")
then
   let m = regex("^.+: (.+)$", to_string($message.message));
   let clean_message = m["0"];
  // Set a better message field without the prefix clutter.
  set_field("message", clean_message);
end

## keybase.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                jalogisch
                / keybase.md
            
            
              Created
              November 25, 2016 11:58
            
          
    Keybase proof

I hereby claim:

I am jalogisch on github.
I am jalogisch (https://keybase.io/jalogisch) on keybase.
I have a public key whose fingerprint is A19B F39B 7474 7846 4184  AAFC 70C7 FC35 A4E8 36F8

To claim this, I am signing this object:

  
## haproxy
listen syslog_tcp_514
       bind *:514
       mode tcp
       timeout client  120s
       timeout server  120s
       default-server inter 2s downinter 5s rise 3 fall 2 maxconn 64 maxqueue 128 weight 100
       server graylog1 192.168.55.201:51400 check
       server graylog2 192.168.55.202:51400 check
       server graylog3 192.168.55.203:51400 check

## ghost_pipeline_extract_messages
rule "extract_ghost_blog_from_systemd_log"
when
   has_field("programname") AND to_string($message.programname) == "Ghost"
then
 let message_field = to_string($message.message);

 let action = grok(pattern: "%{COMBINEDAPACHELOG}", value: message_field);
 set_fields(action);

end

## jekyll-import.php
<?PHP
	require '/path/to/markdown-extra.php';

	$db = mysql_connect('localhost', 'root', 'password') or die(mysql_error());
	mysql_select_db('tylerio', $db) or die(mysql_error());

	$files = scandir('posts');
	array_shift($files); // .
	array_shift($files); // ..

## configuration nginx docs
server
{
  listen      80 default_server;
  listen      [::]:80 default_server ipv6only=on;
  server_name graylog.example.org;

  location /api/
    {
        proxy_set_header    Host $http_host;
        proxy_set_header    X-Forwarded-Host $host;

## Graylog_Extractors_Syslog_Over_AMQP
{
  "extractors": [
    {
      "title": "1_extract_json_message",
      "extractor_type": "json",
      "converters": [],
      "order": 0,
      "cursor_strategy": "copy",
      "source_field": "full_message",
      "target_field": "",

	# Graylog in Subdirectorie
	#
	# server.conf settings:
	# rest_listen_uri = http://192.168.10.11:9000/serveurgraylog/api/
	# web_listen_uri = http://192.168.10.11:9000/serveurgraylog/
	#
	server {
	listen 80 ;
	server_name g1422.lan;
	// Use Gists to store code you would like to remember later on
	console.log(window); // log the "window" object to the console
	{
	"name": "PiHOLE",
	"description": "Creates Information Dashboard from pihole with enriched data ( https://gist.github.com/jalogisch/922b7a3438c5c6f5b9d02557d33ab2eb )",
	"category": "DNS Intel",
	"inputs": [],
	"streams": [],
	"outputs": [],
	"dashboards": [
	{
	"title": "DNS Intel",
	rule "dnsmasq clean message"
	when
	has_field("programname") AND contains(to_string($message.programname), "dnsmasq")
	then
	let m = regex("^.+: (.+)$", to_string($message.message));
	let clean_message = m["0"];
	// Set a better message field without the prefix clutter.
	set_field("message", clean_message);
	end
	listen syslog_tcp_514
	bind *:514
	mode tcp
	timeout client 120s
	timeout server 120s
	default-server inter 2s downinter 5s rise 3 fall 2 maxconn 64 maxqueue 128 weight 100
	server graylog1 192.168.55.201:51400 check
	server graylog2 192.168.55.202:51400 check
	server graylog3 192.168.55.203:51400 check
	rule "extract_ghost_blog_from_systemd_log"
	when
	has_field("programname") AND to_string($message.programname) == "Ghost"
	then
	let message_field = to_string($message.message);

	let action = grok(pattern: "%{COMBINEDAPACHELOG}", value: message_field);
	set_fields(action);

	end
	<?PHP
	require '/path/to/markdown-extra.php';

	$db = mysql_connect('localhost', 'root', 'password') or die(mysql_error());
	mysql_select_db('tylerio', $db) or die(mysql_error());

	$files = scandir('posts');
	array_shift($files); // .
	array_shift($files); // ..
	server
	{
	listen 80 default_server;
	listen [::]:80 default_server ipv6only=on;
	server_name graylog.example.org;

	location /api/
	{
	proxy_set_header Host $http_host;
	proxy_set_header X-Forwarded-Host $host;
	{
	"extractors": [
	{
	"title": "1_extract_json_message",
	"extractor_type": "json",
	"converters": [],
	"order": 0,
	"cursor_strategy": "copy",
	"source_field": "full_message",
	"target_field": "",