This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<!-- AXFR Logs | |
06-Mar-2013 09:16:37.228 xfer-out: client 10.1.1.5#37937: view internal: transfer of 'example.com/IN': IXFR started | |
06-Mar-2013 09:16:37.228 xfer-out: client 10.1.1.5#37937: view internal: transfer of 'example.com/IN': IXFR ended | |
06-Mar-2013 09:18:26.971 xfer-out: client 10.1.6.3#35733: view internal: transfer of 'test.example.com/IN': AXFR-style IXFR started | |
06-Mar-2013 09:18:26.974 xfer-out: client 10.1.6.3#35733: view internal: transfer of 'test.example.com/IN': AXFR-style IXFR ended | |
--> | |
<decoder name="bind-axfr-start"> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
commit 47f1803471ec4c8f9c69c42680019bc002ef304b | |
Author: Brad Lhotsky <brad.lhotsky@booking.com> | |
Date: Tue May 28 17:59:21 2013 +0200 | |
Active response was not passing the filename in file events, ie, | |
syscheck. The Eventinfo struct only included file data for builds with | |
Prelude integration. This prevented the AR from handing filename off | |
anyways. | |
* Eventinfo now contains file data always | |
* Added *expect* option for 'filename' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
/* Escape a set of characters */ | |
char *os_shell_escape(const char *src) { | |
// Maximum Length of the String is 2xthe current length | |
char shell_escapes[] = { '\\', '"', '\'', ' ', '\t', ';', '`', '>', '<', '|', '#', | |
'*', '[', ']', '{', '}', '&', '$', '!', ':', '(', ')' }; | |
char *escaped_string; | |
int length = 0; | |
int i = 0; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env perl | |
use strict; | |
use warnings; | |
use Irssi; | |
use Irssi::Irc; | |
use MIME::Lite; | |
use Sys::Hostname; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
select | |
srv.id, | |
srv.ip, | |
r.opcode, | |
r.status, | |
count(1) as queries, | |
sum(count(1)) OVER (PARTITION BY r.server_id) as total | |
from packet_response r | |
inner join server srv on r.server_id = srv.id |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
select | |
CAST(regexp_replace( CAST( ip | inet '0.0.0.255' as TEXT), '255/32$', '0') || '/24' as inet) as network, | |
regexp_replace( CAST( ip | inet '0.0.0.255' as TEXT), '255/32$', '0') as network_addr, | |
count(1) as clients, | |
to_char(min(first_ts), 'YYYY-MM-DD HH24:MI') as first_ts, | |
to_char(max(last_ts), 'YYYY-MM-DD HH24:MI') as last_ts, | |
bool_or(is_local) as is_local | |
from client | |
group by ip | inet '0.0.0.255' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Rsyslog Defaults | |
$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat | |
$WorkDirectory /var/run/rsyslog # Default Location for Work Files | |
# Modules | |
$ModLoad immark | |
$ModLoad imklog | |
$ModLoad imuxsock | |
# Local Logging |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/sh | |
BASEDIR=$HOME/code/project | |
UPSTREAM="$BASEDIR/upstream" | |
WORKING="$BASEDIR/working" | |
RSYNC_OPTS="" | |
(( $DEBUG )) && RSYNC_OPTS="--dry-run -v" | |
cd $UPSTREAM; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
int Accumulate(Eventinfo *lf) | |
{ | |
// Declare our variables | |
bool do_update = false; | |
char _key[OS_ACM_MAXKEY]; | |
char _data[OS_ACM_MAXDATA]; | |
char hashed_line[OS_ACM_MAXDATA]; | |
char hash_buffer[OS_ACM_MAXELM]; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/sh | |
# | |
# Script to manage syslog storage capacity | |
# Remove anything older than 1 year | |
find /var/log/remote/ -mindepth 2 -mtime +365 -type f -exec rm '{}' \; | |
# Remove empty directories | |
find /var/log/remote/ -type d -empty -exec rmdir '{}' \; |