Skip to content

Instantly share code, notes, and snippets.

Jay Swan jayswan

Block or report user

Report or block jayswan

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
@jayswan
jayswan / uexists.sh
Created Sep 28, 2016
pipe-able script to check the existence of a GitHub username; returns 200 if found
View uexists.sh
#!/bin/sh
# Usage: some_command_that_outputs_usernames | uexists.sh
# subject to anonymous API rate limits
xargs -I {} curl -w "%{http_code}\n" -sI -o /dev/null https://api.github.com/users/{}
@jayswan
jayswan / signed_to_ipv4.py
Created Feb 11, 2012
signed 32-bit int to ipv4
View signed_to_ipv4.py
def int_to_ip(signed_int):
""" convert a 32-bit signed integer to an IP address"""
# do preventative type checking because I didn't want to check inputs
try:
if type(signed_int) == str or type(signed_int) == int:
signed_int = long(signed_int)
except ValueError:
return "err_ip"
# CUCM occasionally creates CDRs with an IP of '0'. Bug or feature? Beats me.
@jayswan
jayswan / cidrs.sh
Created Jul 26, 2016
Scripts to retrieve CIDR blocks for various services
View cidrs.sh
# Fastly
curl -s https://api.fastly.com/public-ip-list | jq -r '.addresses | .[]'
# Google
dig @8.8.8.8 +short txt _netblocks.google.com | awk '{gsub("ip4:","");for (col=2; col<NF;++col) print $col}'
# AWS
curl -s https://ip-ranges.amazonaws.com/ip-ranges.json | \
jq --raw-output '.prefixes | map(.ip_prefix) | .[]'
@jayswan
jayswan / scripted_aggs.md
Created Jul 10, 2016
Elasticsearch scripted aggregation with joined fields
View scripted_aggs.md

This script allows you to do SQL GROUPBY-like aggregations on multiple fields in an Elasticsearch index.

Performance will likely be poor on large data sets.

Saved Groovy script in <elasticsearch_dir>/config/scripts/join-param-list.groovy:

return fields.collect { doc[it].value }.join(delimiter);
@jayswan
jayswan / aws2ipset.sh
Created Feb 19, 2016
Convert AWS IP Prefixes to SiLK IP Set
View aws2ipset.sh
#!/bin/sh
curl -s https://ip-ranges.amazonaws.com/ip-ranges.json | \
jq --raw-output '.prefixes | map(.ip_prefix) | .[]' > prefixes.txt
rwsetbuild prefixes.txt aws.ipset
@jayswan
jayswan / dup_conf.py
Created Dec 21, 2011
Python Script to find duplicate Cisco interface configs
View dup_conf.py
import os
def print_dup_info(s):
#split config on ! characters
blocks = s.split('!')
stanza_list = []
interface_dict = {}
for block in blocks:
#get rid of blank lines and split each stanza into a list of lines
View gist:c04eee5287cc7cbc5ea1
{
"query": {
"filtered": {
"filter": {
"bool": {
"must": [
{
"term": {
"EventID": 4728
}
View gist:3a7621d909b15c832cfb
In [142]: d
Out[142]: {'TargetUserName.raw': 'Domain Admins'}
In [143]: tt = Search(using=es,index=i)\
.filter('term',**d).filter('term',EventID=4728)
View gist:d4ddd71a35bb5f1ad86f
In [144]: tt = Search(using=es,index=i)\
.filter('term',TargetUserName.raw='Domain Admins')\
.filter('term',EventID=4728)
File "<ipython-input-144-1b746eb83e6f>", line 1
tt = Search(using=es,index=i)\
.filter('term',TargetUserName.raw='Domain Admins')\
.filter('term',EventID=4728)
SyntaxError: keyword can't be an expression
You can’t perform that action at this time.