sysctl -w fs.file-max=12000500
sysctl -w fs.nr_open=20000500
# Set the maximum number of open file descriptors
ulimit -n 20000000
# Set the memory size for TCP with minimum, default and maximum thresholds
sysctl -w net.ipv4.tcp_mem='10000000 10000000 10000000'
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
if [event][module] == "apache" { | |
if [fileset][name] == "access" { | |
grok { | |
match => { "message" => [ | |
"%{IPORHOST:[source][address]} - %{DATA:[user][name]} \[%{HTTPDATE:[apache][access][time]}\] \"(?:%{WORD:[http][request][method]} %{DATA:[url][original]} HTTP/%{NUMBER:[http][version]:float}|-)?\" %{NUMBER:[http][response][status_code]:int} (?:%{NUMBER:[http][response][body][bytes]:int}|-)( \"%{DATA:[http][request][referrer]}\")?( \"%{DATA:[user_agent][original]}\")?", | |
"%{IPORHOST:[source][address]} - %{DATA:[user][name]} \[%{HTTPDATE:[apache][access][time]}\] \"-\" %{NUMBER:[http][response][status_code]:int} -", | |
"\[%{HTTPDATE:[apache][access][time]}\] %{IPORHOST:[source][address]} %{DATA:[apache][access][ssl][protocol]} %{DATA:[apache][access][ssl][cipher]} \"%{WORD:[http][request][method]} %{DATA:[url][original]} HTTP/%{NUMBER:[http][version]:float}\" %{NUMBER:[http][response][body][bytes]:int}"] | |
} | |
remove_field => [ "message" ] | |
add_field => { "[event][created]" => "%{@timestamp}" } |
127.0.0.1 - - [26/Mar/2016:19:09:19 -0400] "GET / HTTP/1.1" 401 194 "" "Mozilla/5.0 Gecko" "-"
%{IPORHOST:clientip} (?:-|(%{WORD}.%{WORD})) %{USER:ident} \[%{HTTPDATE:timestamp}\] "(?:%{WORD:verb} %{NOTSPACE:request}(?: HTTP/%{NUMBER:httpversion})?|%{DATA:rawrequest})" %{NUMBER:response} (?:%{NUMBER:bytes}|-) %{QS:referrer} %{QS:agent} %{QS:forwarder}
1 shard, 0 replica.
Update default template:
curl -X PUT http://localhost:9200/_template/default -H 'Content-Type: application/json' -d '{"index_patterns": ["*"],"order": -1,"settings": {"number_of_shards": "1","number_of_replicas": "0"}}'
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
set -ex | |
UBUNTU_VERSION="14.04" | |
mkdirs(){ | |
#lxc delete hadoop-master --force | |
#lxc delete hadoop-slave-1 --force | |
#lxc delete hadoop-slave-2 --force | |
rm -rf /tmp/* |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
FILE SPACING: | |
# double space a file | |
sed G | |
# double space a file which already has blank lines in it. Output file | |
# should contain no more than one blank line between lines of text. | |
sed '/^$/d;G' |
This article proved to be a decent starting point, but I was particularly interested in allowing password-based logins to OpenVPN using a username/password backed by FreeIPA (opposed to client certificates) as the identity provider.
- IPA join your VPN machine:
ipa-client-install --mkhomedir
- Get a kerberos ticket:
kinit
- Create a Kerberos service principle and HBAC rule for openvpn access:
ipa service-add openvpn/`hostname`
- Create new hbacrule in console, mark host as the VPN host, and whatever group you want to restrict access to:
First let's update everything I am running all commands as sudo but you run with the level you want
sudo apt-get update -y && sudo apt-get upgrade -y
Now let's install Ruby
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"defaultProfile": "{7d04ce37-c00f-43ac-ba47-992cb1393215}", | |
"initialRows": 30, | |
"initialCols": 120, | |
"alwaysShowTabs": true, | |
"showTerminalTitleInTitlebar": true, | |
"experimental_showTabsInTitlebar": true, | |
"requestedTheme": "dark", | |
"profiles": [ | |
{ |