My main development workstation is a Windows 10 machine, so we'll approach this from that viewpoint.
Recently, Google Chrome started giving me a warning when I open a site that uses https and self-signed certificate on my local development machine due to some SSL certificate issues like the one below:
| ## Description | |
| Sometimes you need to parse CEF with logstash but it is wrapped in some other format, such as JSON or syslog. In this case, you can't use the CEF codec in the input, so you're doomed to do it yourself since there is not currently a CEF codec for filter blocks. Try this logstash recipe, it works well. Just rmeember a comma will break it- so feel free to replace "," with a more rare character like "|" or something... | |
| ## Context | |
| At this point, the message has been processed so its a full CEF message starting in cef_message. Syslog "headers" were already removed in a previous step. | |
| ## Stripped from production |
| # | |
| # Add Event ID descriptions to Event Log messages from Logstash | |
| # | |
| # This isn't perfact, but it will get the job done with *minimal* false descriptions.. | |
| # It takes an Event ID and create a new field with a description of that Event ID | |
| # | |
| # BTW, logstash supports storing the dictionary in an external file, which is kind of cool... | |
| # | |
| filter { | |
| if "winlog" in [tags] and [SourceName] == "wineventlog" { |
| # | |
| # Palo Alto (annoingly) emits logs that have fields like this | |
| # | |
| # cn1Label: Session | |
| # cn1: 12345 | |
| # cn2Label: Direction | |
| # cn2: Out | |
| # ... | |
| # | |
| # The following config for logstash is a way to fix it into: |
| riftfile /var/lib/ntp/ntp.drift | |
| statsdir /var/log/ntpstats/ | |
| restrict default ignore | |
| restrict 127.0.0.1 | |
| restrict 127.127.1.0 | |
| restrict -6 ::1 | |
| # You only want to allow a class 24 and two specific hosts to query your server for time |
You need to install ARMv5 gcc cross compiler: apt-get install gcc-arm-linux-gnueabi
You have to define a directory (via --prefix) where all of your binaries will be installed (copied). In the guide I use the following: /home/user/vpn_compile
wget https://www.openssl.org/source/openssl-1.0.2j.tar.gz| #!/bin/bash | |
| # | |
| # Fix for issue caused by pip10 upgrade | |
| # Run this script while in any pybuil23 based project | |
| # directory to fix | |
| # | |
| function die() { | |
| echo "$1" | |
| echo "Exiting ..." |
| # uname -a | |
| Linux es48 3.6.5-1b505fb7 #1 SMP Tue Apr 3 19:13:28 CST 2018 armv7l n | |
| # id | |
| uid=0(root) gid=0(root) | |
| # dmesg | |
| Booting Linux on physical CPU 0 | |
| Linux version 3.6.5-1b505fb7 (es-builder@ES-Builder1) (gcc version 4.7.2 (Broadcom Linux) ) #1 SMP Tue Apr 3 19:13:28 CST 2018 | |
| CPU: ARMv7 Processor [414fc091] revision 1 (ARMv7), cr=10c53c7d | |
| CPU: PIPT / VIPT nonaliasing data cache, VIPT aliasing instruction cache |
| #!/bin/bash | |
| # Here short description of this script | |
| # This is just a template to be used for writing new bash scripts | |
| ### | |
| # Based on Google Style Guide: https://google.github.io/styleguide/shell.xml | |
| # General remarks | |
| # * Executables should have no extension (strongly preferred) or a .sh extension. | |
| # * Libraries must have a .sh extension and should not be executable |
| #!/usr/bin/env python2 | |
| # -*- coding: utf-8 -*- | |
| from __future__ import print_function | |
| import os | |
| import sys | |
| import yaml | |
| def dir_to_dict(path): | |
| directory = dict() |