@reyjrar
reyjrar / elasticsearch.yml
Last active May 12, 2023 11:58
ElasticSearch config for a write-heavy cluster
##################################################################
# /etc/elasticsearch/elasticsearch.yml
#
# Base configuration for a write heavy cluster
#
# Cluster / Node Basics
cluster.name: logng
# Nodes can have arbitrary attributes we can use for routing
@reyjrar
reyjrar / local-cpan-mirror.txt
Created November 17, 2011 03:14
Local CPAN Mirror Setup, Simply
#=======================================
# Part 1 is Setting up the Mirror Server
# Install CPAN::Mini
$ curl -L http://cpanmin.us | perl - --sudo CPAN::Mini
# Select a CPAN Mirror URL from http://mirrors.cpan.org/
# - We'll use http://cpan.pair.com
# Pick a directory to mirror to, I'll use /var/www/cpan
@reyjrar
reyjrar / New-iTerm-Window.scpt
Created February 8, 2012 13:14
AppleScript to Open a New iTerm Window and bring it to the front
(*
* New-iTerm-Window.scpt
*
* Intended for use with QuickSilver
* I mapped option-y to running this script to create
* a new iTerm window on the current workspace
*
* Based on much Googling - very little "original" code here
* Comments/Suggestions to brad.lhotsky@gmail.com
*)
@reyjrar
reyjrar / Output.txt
Created April 14, 2021 20:32
Ansible bug with parameterized roles
PLAY [localhost] ***************************************************************************************************************************
TASK [Gathering Facts] *********************************************************************************************************************
ok: [localhost]
TASK [Running for first] *******************************************************************************************************************
TASK [bar : debug] *************************************************************************************************************************
ok: [localhost] => {
    "msg": "var_bar is second"
@reyjrar
reyjrar / set_global_var.yaml
Created December 28, 2019 18:16
A task to emulate `-e foo=bar` in a playbook
---
- name: "Set a global variable mid-playbook run"
  run_once: true
  set_fact:
    "{{ global_name }}": "{{ global_value }}"
  delegate_to: "{{ _all__hostname }}"
  loop: "{{ groups['all'] }}"
  loop_control:
    loop_var: "_all__hostname"
@reyjrar
reyjrar / install.sh
Last active October 22, 2019 13:06
Install App::ElasticSearch::Utilities
#!/bin/bash
# Install perlbrew
curl -L https://install.perlbrew.pl | bash
# Setup perlbrew
perlbrew install -j8 -n 5.30.0
perlbrew switch 5.30.0
perlbrew install-cpanm
@reyjrar
reyjrar / es-utils.yaml
Last active May 19, 2019 00:35
Simple es-utils config
---
host: localhost
port: 9200
base: syslog
days: 1
timestamp: '@timestamp'
@reyjrar
reyjrar / .es-utils.yaml
Last active May 19, 2019 00:35
More advanced es-utils configuration for multiple index coverage
---
host: localhost
port: 9200
base: syslog
days: 1
meta:
  access:
    timestamp: timestamp
  ossec:
    timestamp: ts
@reyjrar
reyjrar / logstash-template.json
Last active July 4, 2018 14:39
Template for logstash indexes
{
  "template": "logstash-*",
  "settings" : {
    "index.number_of_shards" : 3,
    "index.number_of_replicas" : 1,
    "index.query.default_field" : "@message",
    "index.routing.allocation.total_shards_per_node" : 2,
    "index.auto_expand_replicas": false
  },
  "mappings": {
@reyjrar
reyjrar / ossec-accumulator-2.7.0.patch
Created November 26, 2012 20:17
OSSEC Accumulator Patch against 2.7.0
diff --git a/etc/decoder.xml b/etc/decoder.xml
index a7846ad..1087918 100755
--- a/etc/decoder.xml
+++ b/etc/decoder.xml
@@ -1841,6 +1841,7 @@
</decoder>
<!-- decoder for active responses as logged by an OSSEC agent or server
+
- Examples
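Review bot: the one `+` line visible in this hunk, directly after the `<!-- decoder for active responses as logged by an OSSEC agent or server` comment opener, is empty, so as shown it only changes whitespace inside a comment in etc/decoder.xml and has no effect on decoding. Drop it from the patch, or restore the text if the line was meant to carry any, so the diff against 2.7.0 stays limited to functional changes.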