Jay Swan jayswan

View simple_syslog_count.py
from collections import Counter,defaultdict
import re
import sys
"""
Counterpart to this blog post:
http://unroutable.blogspot.com/2014/07/simple-python-syslog-counter.html
Summarize counts of typical Cisco syslog messages. Most syslog servers produce lines that look something like this:
View dlog.py
from collections import Counter
from csv import DictReader
import gzip
from pprint import pprint
from sys import argv
# Column names for the delimited log rows, in file order; presumably passed to the
# DictReader imported above (the ingest() body is not visible here).
# NOTE(review): these look like the columns of a Bro/Zeek dns.log -- confirm. That log
# normally carries `answers` and `TTLs` as two separate columns; if that is the input,
# the single name 'answersTTLs' leaves this list one entry short, so 'rejected' would
# be read from the TTLs column. Verify against a sample file before relying on it.
FIELDNAMES = ['ts', 'uid', 'id.orig_h', 'id.orig_p', 'id.resp_h', 'id.resp_p', 'proto', 'trans_id', 'query', 'qclass', 'qclass_name', 'qtype', 'qtype_name', 'rcode', 'rcode_name', 'AA', 'TC', 'RD', 'RA', 'Z', 'answersTTLs', 'rejected']
def ingest(files, delim='\t', qchar='"'):
View d2n.py
from collections import namedtuple
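def d2n(name,d):
    """Convert dict *d* into an instance of a new namedtuple type called *name*.

    Args:
        name: Type name given to the generated namedtuple class.
        d: Mapping whose keys become the field names and whose values
            become the field values, in the mapping's iteration order.

    Returns:
        An instance of the freshly created namedtuple class.

    Raises:
        ValueError: Raised by ``namedtuple`` when a key is not usable as a
            field name (not a valid identifier, a keyword, or starting
            with an underscore), e.g. a dotted column name.
    """
    # Take the key order once so field names and values cannot drift apart.
    fields = list(d)
    record_type = namedtuple(name, fields)
    return record_type._make(d[key] for key in fields)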
View hashes.py
import hashlib
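def hash(s,a='md5'):
    """Return the hex digest of *s* under the hashlib algorithm named *a*.

    Args:
        s: Data to hash. Bytes-like values are hashed as given; text is
            encoded as UTF-8 first, because hashlib only accepts bytes.
        a: Algorithm name understood by ``hashlib.new`` (for example
            ``'sha256'``). Defaults to ``'md5'``.

    Returns:
        The digest as a lowercase hexadecimal string.

    Raises:
        ValueError: If *a* does not name an algorithm hashlib supports.
    """
    # NOTE: this name shadows the builtin hash(); it is kept because callers
    # already use it.
    # MD5 stays the default for compatibility. It is adequate for
    # de-duplication or for matching published MD5 indicators, but it is not
    # collision-resistant: pass a='sha256' when the digest is used to check
    # integrity.
    if not isinstance(s, (bytes, bytearray, memoryview)):
        s = s.encode('utf-8')
    # hashlib.new() resolves algorithm names only, whereas getattr() on the
    # module would also hand back unrelated attributes such as 'new' or
    # 'pbkdf2_hmac'.
    return hashlib.new(a, s).hexdigest()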
def fhash(fn,a='md5'):
""" Hash a file as a string. Not memory considerate. """
with open(fn) as f:
jayswan / plixer_log_count.py
Created Nov 25, 2014
Count Plixer log entries
View plixer_log_count.py
from collections import defaultdict
from operator import itemgetter
import sys
# Input path is the first command-line argument. Running the script without one
# raises IndexError on this line, before any other work is done.
FILENAME = sys.argv[1]
class SimpleCounter(defaultdict):
""" Scrutinizer ships with Python 2.6 and doesn't have the Counter object
from collections. This is a simple version of it.
"""
View gist:c04eee5287cc7cbc5ea1
{
"query": {
"filtered": {
"filter": {
"bool": {
"must": [
{
"term": {
"EventID": 4728
}
View gist:3a7621d909b15c832cfb
In [142]: d
Out[142]: {'TargetUserName.raw': 'Domain Admins'}
In [143]: tt = Search(using=es,index=i)\
.filter('term',**d).filter('term',EventID=4728)
View gist:d4ddd71a35bb5f1ad86f
In [144]: tt = Search(using=es,index=i)\
.filter('term',TargetUserName.raw='Domain Admins')\
.filter('term',EventID=4728)
File "<ipython-input-144-1b746eb83e6f>", line 1
tt = Search(using=es,index=i)\
.filter('term',TargetUserName.raw='Domain Admins')\
.filter('term',EventID=4728)
SyntaxError: keyword can't be an expression
jayswan / dup_conf.py
Created Dec 21, 2011
Python Script to find duplicate Cisco interface configs
View dup_conf.py
import os
def print_dup_info(s):
#split config on ! characters
blocks = s.split('!')
stanza_list = []
interface_dict = {}
for block in blocks:
#get rid of blank lines and split each stanza into a list of lines