Jay Swan jayswan

@jayswan
jayswan / uncipher.py
Created February 27, 2012 23:58
Python: reverse Cisco type 7 passwords with input from file or stdin
"""
Uncipher Cisco type 7 ciphered passwords
Usage: python uncipher.py <pass> where <pass> is the text of the type 7 password
Example:
$ python uncipher.py 094F4F1D1A0403
catcat
"""
import fileinput
import sys
@jayswan
jayswan / googips.sh
Created February 25, 2016 04:11
Get a List of Google CIDR Blocks
dig @8.8.8.8 +short txt _netblocks.google.com | awk '{gsub("ip4:","");for (col=2; col<NF;++col) print $col}'
@jayswan
jayswan / foo.ipynb
Created July 21, 2023 02:59
python stuff
@jayswan
jayswan / wriad.md
Last active May 15, 2023 14:33
WRIAD 2022 Trip Report

White Rim In A Day (WRIAD) October 19 2022

The White Rim Trail is a long 4x4 / moto / bike route in Canyonlands National Park near Moab UT. Depending on where you start and end it's anywhere from 90-105 miles. It's a classic mountain bike ride usually done over 3 to 4 days with camping and vehicle support, but also done as a single-day marathon adventure ride. Camping permits are very difficult to get (typically a year in advance) and guided tours are very expensive, so the single day option is good if you're fit enough. The route is quite remote with no water available, but you'll typically see some motorcycles, bike tour groups, and sometimes a park ranger.

TL;DR

  • 102 miles (starting and ending at Horsethief BLM Campground, riding counter-clockwise)
  • 7200 feet elevation gain
  • 13h 30m total time
  • 11h 8m moving time
  • Sunny, lows in the mid 40s, highs in the upper 70s
  • Many miles of horrible beach sand between Mineral Bottom and Murphy's Hogback
@jayswan
jayswan / gist:a8d9920ef74516a02fe1
Last active March 11, 2022 15:33
Elasticsearch Python bulk index API example
>>> import itertools
>>> import string
>>> from elasticsearch import Elasticsearch,helpers
>>> es = Elasticsearch()
>>> # k is a generator expression that produces
... # a series of dictionaries containing test data.
... # The test data are just letter permutations
... # created with itertools.permutations.
... #
... # We then reference k as the iterator that's
from collections import Counter,defaultdict
import re
import sys
"""
Counterpart to this blog post:
http://unroutable.blogspot.com/2014/07/simple-python-syslog-counter.html
Summarize counts of typical Cisco syslog messages. Most syslog servers produce lines that look something like this:
@jayswan
jayswan / hn.bro
Last active February 17, 2020 03:27
track hostnames with Bro
type Idx: record {
    hostname: string;
};
export {
    redef enum Notice::Type += {
        DNS_ENTRY::Tracked_Hostname
    };
}
@jayswan
jayswan / cidrs.sh
Created July 26, 2016 13:27
Scripts to retrieve CIDR blocks for various services
# Fastly
curl -s https://api.fastly.com/public-ip-list | jq -r '.addresses | .[]'
# Google
dig @8.8.8.8 +short txt _netblocks.google.com | awk '{gsub("ip4:","");for (col=2; col<NF;++col) print $col}'
# AWS
curl -s https://ip-ranges.amazonaws.com/ip-ranges.json | \
jq --raw-output '.prefixes | map(.ip_prefix) | .[]'
@jayswan
jayswan / splunk-elk.md
Created June 7, 2018 15:33
Splunk/ELK Comparison

Splunk vs ELK is complicated, depending on what you want to optimize. Probably the biggest issue is the ecosystem around post-search data manipulation.

Places where ES shines

ES is amazing at searching for tokens and returning documents. The aggregations are also superb -- actually much faster than Splunk under most conditions. Plugins can extend that functionality. Stuff like fuzzy search, regex queries, indexed terms lookups, significant terms aggregations, and nested aggregations can be extremely powerful if you know how to use them well.

Trouble areas

ES has a reputation for stability problems. These are mostly solvable by running an appropriately sized cluster with new versions and proper circuit breaker settings. Much of the FUD I've seen about this is incorrect, but the biggest problem remains that you can't kill a misbehaving query or constrain its resource use after it has started; if your circuit breakers aren't working correctly then you're out of luck.

Chaining data processing

U

@jayswan
jayswan / bh.py
Created June 20, 2017 02:47
bh.py
from __future__ import print_function
import os
import sys
from netmiko import ConnectHandler
target_mac = os.environ['TARGET_MAC']
router_ip = os.environ['ROUTER_IP']
router_user = os.environ['ROUTER_USER']
password = os.environ['ROUTER_PW']