Skip to content

Instantly share code, notes, and snippets.

Jay Swan jayswan

Block or report user

Report or block jayswan

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
@jayswan
jayswan / googips.sh
Created Feb 25, 2016
Get a List of Google CIDR Blocks
View googips.sh
dig @8.8.8.8 +short txt _netblocks.google.com | awk '{gsub("ip4:","");for (col=2; col<NF;++col) print $col}'
@jayswan
jayswan / uncipher.py
Created Feb 27, 2012
Python: reverse Cisco type 7 passwords with input from file or stdin
View uncipher.py
"""
Uncipher Cisco type 7 ciphered passwords
Usage: python uncipher.py <pass> where <pass> is the text of the type 7 password
Example:
$ python uncipher.py 094F4F1D1A0403
catcat
"""
import fileinput
import sys
@jayswan
jayswan / splunk-elk.md
Created Jun 7, 2018
Splunk/ELK Comparision
View splunk-elk.md

Splunk vs ELK is complicated, depending on what you want to optimize. Probably the biggest issue is the ecosystem around post-search data manipulation.

Places where ES shines

ES is amazing at searching for tokens and returning documents. The aggregations are also superb -- actually much faster than Splunk under most conditions. Plugins can extend that functionality. Stuff like fuzzy search, regex queries, indexed terms lookups, significant terms aggregations, and nested aggregations can be extremely powerful if you know how to use them well.

Trouble areas

ES has a reputation for stability problems. These are mostly solvable by running an appropriately sized cluster with new versions and proper circuit breaker settings. Much of the FUD I've seen about this is incorrect, but the biggest problem remains that you can't kill a misbehaving query or constrain its resource use after it has started; if your circuit breakers aren't working correctly then you're out of luck.

Chaining data processing

U

@jayswan
jayswan / gist:a8d9920ef74516a02fe1
Last active May 20, 2018
Elasticsearch Python bulk index API example
View gist:a8d9920ef74516a02fe1
>>> import itertools
>>> import string
>>> from elasticsearch import Elasticsearch,helpers
es = Elasticsearch()
>>> # k is a generator expression that produces
... # a series of dictionaries containing test data.
... # The test data are just letter permutations
... # created with itertools.permutations.
... #
... # We then reference k as the iterator that's
View bh.py
from __future__ import print_function
import os
import sys
from netmiko import ConnectHandler
target_mac = os.environ['TARGET_MAC']
router_ip = os.environ['ROUTER_IP']
router_user = os.environ['ROUTER_USER']
password = os.environ['ROUTER_PW']
@jayswan
jayswan / hn.bro
Last active Mar 21, 2017
track hostnames with Bro
View hn.bro
type Idx: record {
hostname: string;
};
export {
redef enum Notice::Type += {
DNS_ENTRY::Tracked_Hostname
};
}
@jayswan
jayswan / uncipher.py
Created Feb 29, 2012
Python: reverse Cisco type 7 passwords with input from argument
View uncipher.py
"""
Uncipher Cisco type 7 ciphered passwords
Usage: python uncipher.py <pass> where <pass> is the text of the type 7 password
Example:
$ python uncipher.py 094F4F1D1A0403
catcat
"""
import sys
View gist:b1998ac7226c08a18cb8
syntax enable
set ruler
set nobackup
set nocompatible
set encoding=utf-8
set showcmd
set number
set background=dark
"" Indentation
@jayswan
jayswan / add-json.bro
Created Apr 28, 2016 — forked from J-Gras/add-json.bro
Additional JSON logging for Bro.
View add-json.bro
# Add additional JSON logging
module Log;
export {
## Enables JSON-logfiles for all active streams
const enable_all_json = T &redef;
## Streams not to generate JSON-logfiles for
const exclude_json: set[Log::ID] = { } &redef;
## Streams to generate JSON-logfiles for
View swis.py
import requests
import json
from getpass import getpass
"""
A more friendly, bug-fixed version of the Python sample included with
Solarwinds SDK v1.8
Make sure to set a valid nodeID in line 50 before using!
"""
You can’t perform that action at this time.