Skip to content

Instantly share code, notes, and snippets.

View metasyn's full-sized avatar

Xander Johnson metasyn

80 followers · 90 following
View GitHub Profile
@metasyn
metasyn / splunk_app_info_scraper.py
Created October 6, 2014 00:21
splunk_app_scraper.py
# Splunk App Information Scraper
# Note, it also scapes TAs
# Alexander Johnson
# xander@splunk.com
# @metasyn
# requires lxml
import re
@metasyn
metasyn / gist:8baa2500d8e2bb6d96b9
Created April 6, 2015 23:30
{
"cells": [
{
"cell_type": "code",
"execution_count": 2,
"metadata": {
"collapsed": false
},
"outputs": [],
"source": [
@metasyn
metasyn / gist:51bc4f49af0d32df3c6a
Last active August 29, 2015 14:19
LDI
{
"cells": [
{
"cell_type": "markdown",
"metadata": {},
"source": [
"# [Linguistic Diversity Index](http://en.wikipedia.org/wiki/Linguistic_diversity_index)\n",
"\n",
">Greenberg's Diversity Index (LDI) is the probability that two people selected from the population at random will have different mother tongues; it therefore ranges from 0 (everyone has the same mother tongue) to 1 (no two people have the same mother tongue).\n",
"\n",
@metasyn
metasyn / gist:5b1224c273bb9ceef3e3
Created April 13, 2015 21:17
{
"cells": [
{
"cell_type": "markdown",
"metadata": {},
"source": [
"# [Linguistic Diversity Index](http://en.wikipedia.org/wiki/Linguistic_diversity_index)\n",
"\n",
">Greenberg's Diversity Index (LDI) is the probability that two people selected from the population at random will have different mother tongues; it therefore ranges from 0 (everyone has the same mother tongue) to 1 (no two people have the same mother tongue).\n",
"\n",
@metasyn
metasyn / splgeneral
Created May 11, 2015 22:41
Hello!
# SPL General Practices
1.) Filter by time first.
>“. . . time is the most efficient filter”
2.) Use host, source, sourcetype
>“After time, the most powerful keywords are host, source, sourcetype”
@metasyn
metasyn / gist:b38e8c3143961e48af9f
Created June 25, 2015 21:14
treemap.js
define(function(require, exports, module) {
// We have a few dependencies; namely, d3, and d3plus
// In order for d3plus to get loaded, we need to load it into
// the name var, d3
var d3 = require("../d3/d3");
var d3 = require("../d3plus/d3plus");
var _ = require("underscore");
var SimpleSplunkView = require("splunkjs/mvc/simplesplunkview");
var TreeMap= SimpleSplunkView.extend({
@metasyn
metasyn / gist:a9e4552da84f25659d12
Created July 14, 2015 20:09
// prism languages for splunk searches.
Prism.languages.mcurve = {
'comment': {
pattern: /(^|[^\\])#.*?(\r?\n|$)/g,
lookbehind: true
},
'saf' : /\|?\s*(search|where)[^\|]*/,
'munge' : /\|\s*(eval|eventstats|streamstats)[^\|]*/,
'report' : /\|\s*(stats|timechart|chart)[^\|]*/,
@metasyn
metasyn / index.html
Created July 22, 2015 06:21
fatal police shootings in 2015 (as of July)
<!doctype html>
<meta charset="utf-8">
<!--
fatal police shootings
This data came from the Washington Post's repo
https://github.com/washingtonpost/data-police-shootings
It is a database of every fatal shooting in the United States
by a police officer in the line of duty in 2015.
@metasyn
metasyn / monokai.css
Last active December 7, 2015 15:41
rainbow + splunk support
/**
* Monokai theme
*
* Adapted from Wimer Hazenberg's TextMate theme of the same name
*
* @author Wimer Hazenberg
* @author Michael Fasani
* @author Craig Campbell
* @version 1.0.0
*/
@metasyn
metasyn / idibon.py
Created December 15, 2015 02:09
splunk sentiment analysis with idibon
import httplib
import json
import splunk.Intersplunk
connection = httplib.HTTPConnection("localhost:8080")
results,unused1,unused2 = splunk.Intersplunk.getOrganizedResults()
for result in results: