Skip to content

Instantly share code, notes, and snippets.

jordansissel /
Created Sep 21, 2012
screenshot + code showing how to query logstash/elasticsearch with a graphite function.

logstash queries graphed with graphite.

Operation: Decouple whisper from graphite.

Method: Create a graphite function that does a date histogram facet query against elasticsearch for a given query string for the time period viewed in the current graph.

Reason: graphite has some awesome math functions. Wouldn't it be cool if we could use those on logstash results?

The screenshot below is using logstash to watch the twitter stream of keywords "iphone" "apple" and "samsung" - then I graph them each, so we get an idea of popularity. As a bonus, I also do a movingAverage() on the iphone curve to show you why this is awesome.

jordansissel /
Last active Jun 7, 2021
parsing mysql's query log format with logstash

parsing mysql query logs with logstash

The problem is that some lines in the file are missing timestamps when they aren't continuations of any previous line. It's dumb, really.

The mysql query log is seriously bullshit format, but nothing logstash can't unscrew.

The main goal here is to show how we can fix the 'missing timestamp' problem.

% ruby bin/logstash agent -e '
jordansissel / OUTPUT
Created May 27, 2021
xinput list devices showing pointer locations
% gcc main.c $(pkg-config --libs x11 xi --cflags) -o xinput-example
% ./xinput-example
Pointer id:2 at location 1011,756
View Procfile
# Only listen on http; disable ajp and https
web: java -jar jenkins.war --httpPort=$PORT --ajp13Port=-1 --httpsPort=-1
jordansissel /
Created Jul 3, 2012
Compression on large JSON file

The Data


  • Original: 708MB
  • xz -3: 70MB, 5:41.02 (2.07 mb/sec - 10:1 ratio)
  • bzip2 -3: 74MB, 4:39.11 (2.53 mb/sec - 9.5:1 ratio)
  • gzip -3: 103MB: 0:15.15 (46.73 mb/sec - 6.87:1 ratio)
  • lzop -3: 146MB, 0:06.53 (108.42 mb/sec - 4.85:1 ratio)
jordansissel / FZF
Last active Feb 14, 2021
FZF usage examples
View FZF


Get credentials for a given GKE cluster

gcloud container clusters get-credentials $(gcloud container clusters list --format json | jq -r '.[] | "\(.name) --zone \(.location)"' | fzf --height 10 --sync)


jordansissel / gist:3741723
Last active Feb 11, 2021
OpenSSL quick. (generate certs, run server/clients)
View gist:3741723
# Create a self-signed cert
openssl req -x509 -batch -nodes -newkey rsa:2048 -keyout lumberjack.key -out lumberjack.crt
# Create a self-signed with DNS SAN
openssl req -x509 -nodes -new -subj "/CN=localhost" -addext "subjectAltName = DNS:localhost" -newkey rsa:2048 -keyout
/tmp/server.key -out /tmp/server.crt
jordansissel /
Last active Feb 6, 2021
logstash message format

logstash json format

  "message"    => "hello world",
  "@version"   => "1",
  "@timestamp" => "2014-04-22T23:03:14.111Z",
  "type"       => "stdin",
  "host"       => "hello.local"
jordansissel /
Last active Feb 2, 2021
Arch Linux setup


Partitioning is something I do once a year and never remember. Arch's docs have great reference guides, but I just want to move on with my life without reading too much docs. This aims to simplify my partitioning experience.

fdisk /dev/<disk device>

g # new gpt disk label
jordansissel /
Last active Dec 17, 2020
Zoom on Linux notes

In a zoom?

xdotool search --name "Zoom Meeting ID:"

This will exit non-zero if no meeting matching this name is found. "Zoom Meeting ID:"

This window exists regardless of sharing or not sharing, in my tests.