start new:
tmux
start new with session name:
tmux new -s myname
#!/usr/bin/env python | |
''' Splunk deployment based on CIDR | |
Splunk's deployment server does not support CIDR based matching out of the box, | |
but they do support PCRE regex matching. I found this script online and | |
modified it slightly to match Splunk's specific regex variation. (Basically, | |
Splunk uses standards PCRE but replace the meaning of "." and "*" to act more | |
like traditional glob strings.) The values returned by this script can be | |
used in the serverclass.conf for either whitelist.<n> or blacklist.<n> values. | |
See the Splunk docs for more details. |
#include "FastLED.h" | |
// FastLED "100-lines-of-code" demo reel, showing just a few | |
// of the kinds of animation patterns you can quickly and easily | |
// compose using FastLED. | |
// | |
// This example also shows one easy way to define multiple | |
// animations patterns and have them automatically rotate. | |
// | |
// -Mark Kriegsman, December 2014 |
// I2C to USB Adapter using Arduino | |
// by Bernhard Kraft <kraftb@think-open.at> | |
/** | |
* This sketch can get loaded onto an Arduino to use it as USB to I2C Adapter. | |
* It uses the Wire library. So take a look at the documentation of the Wire | |
* libarary about the pins being used as SDA/SCL. For most Arduino boards this | |
* will be analog input pin 4 for SDA and analog input pin 5 for SCL. | |
* | |
* On the USB side the default serial link of the Arduino is used. A protocol |
#!/usr/bin/python | |
''' Not my script, found on the Internet, and rediscovered on my hard drive | |
''' | |
import sys | |
def cidr_to_regex(cidr): | |
ip, prefix = cidr.split('/') | |
base = 0 | |
for val in map(int, ip.split('.')): |
import logging | |
from logging import handlers | |
import traceback | |
import sys | |
import re | |
import os | |
import json | |
import socket # Used for IP Address validation | |
from splunk.appserver.mrsparkle.lib.util import make_splunkhome_path |
[WinEventLog:Security] | |
#Returns most of the space savings XML would provide | |
SEDCMD-clean0-null_sids = s/(?m)(^\s+[^:]+\:)\s+-?$/\1/g s/(?m)(^\s+[^:]+\:)\s+-?$/\1/g s/(?m)(\:)(\s+NULL SID)$/\1/g s/(?m)(ID\:)(\s+0x0)$/\1/g | |
SEDCMD-clean1-summary = s/This event is generated[\S\s\r\n]+$//g | |
SEDCMD-clean2-cert_summary = s/Certificate information is only[\S\s\r\n]+$//g | |
SEDCMD-clean3-blank_ipv6 = s/::ffff://g | |
SEDCMD-clean4-token_elevation_summary = s/Token Elevation Type indicates[\S\s\r\n]+$//g | |
SEDCMD-clean5-network_share_summary = s/(?ms)(A network share object was checked to see whether.*$)//g | |
SEDCMD-clean6-authentication_summary = s/(?ms)(The computer attempted to validate the credentials.*$)//g | |
SEDCMD-clean7-local_ipv6 = s/(?ms)(::1)//g |
#!/bin/bash | |
# Downloader script for Splunk Universal Forwarder | |
# | |
# Usage: | |
# bash forwardsplunker.sh | |
# | |
version="7.0.0" # Splunk product Version | |
hash="c8a78efdd40f" # Versioned HASH | |
# --- Dont edit below --- |
@echo off | |
del /f /q "%SPLUNK_HOME%\etc\system\local\inputs.conf" | |
del /f /q "%SPLUNK_HOME%\etc\system\local\outputs.conf" | |
del /f /q "%SPLUNK_HOME%\etc\system\local\deploymentclient.conf" |
#!/bin/sh | |
[ -d "/opt/splunk" ] && SPLUNKPATH="/opt/splunk" | |
[ -d "/opt/splunkforwarder" ] && SPLUNKPATH="/opt/splunkforwarder" | |
[ -f "$SPLUNKPATH/etc/system/local/inputs.conf" ] && rm -f $SPLUNKPATH/etc/system/local/inputs.conf | |
[ -f "$SPLUNKPATH/etc/system/local/outputs.conf" ] && rm -f $SPLUNKPATH/etc/system/local/outputs.conf | |
[ -f "$SPLUNKPATH/etc/system/local/deploymentclient.conf" ] && rm -f $SPLUNKPATH/etc/system/local/deploymentclient.conf |