@reyjrar
reyjrar / elasticsearch.yml
Last active Jul 2, 2020
ElasticSearch config for a write-heavy cluster
View elasticsearch.yml
##################################################################
# /etc/elasticsearch/elasticsearch.yml
#
# Base configuration for a write heavy cluster
#
# Cluster / Node Basics
cluster.name: logng
# Node can have arbitrary attributes we can use for routing
@reyjrar
reyjrar / local-cpan-mirror.txt
Created Nov 17, 2011
Local CPAN Mirror Setup, Simply
View local-cpan-mirror.txt
#=======================================
# Part 1 is Setting up the Mirror Server
# Install CPAN::Mini
$ curl -L http://cpanmin.us | perl - --sudo CPAN::Mini
# Select a CPAN Mirror URL from http://mirrors.cpan.org/
# - We'll use http://cpan.pair.com
# Pick a directory to mirror to, I'll use /var/www/cpan
@reyjrar
reyjrar / New-iTerm-Window.scpt
Created Feb 8, 2012
AppleScript to Open a New iTerm Window and bring it to the front
View New-iTerm-Window.scpt
(*
* New-iTerm-Window.scpt
*
* Intended for use with QuickSilver
* I mapped option-y to running this script to create
* a new iTerm window on the current workspace
*
* Based on much Googling - very little "original" code here
* Comments/Suggestions to brad.lhotsky@gmail.com
*)
@reyjrar
reyjrar / set_global_var.yaml
Created Dec 28, 2019
A task to emulate `-e foo=bar` in a playbook
View set_global_var.yaml
---
- name: "Set a global variable mid-playbook run"
  run_once: true
  set_fact:
    "{{ global_name }}": "{{ global_value }}"
  delegate_to: "{{ _all__hostname }}"
  loop: "{{ groups['all'] }}"
  loop_control:
    loop_var: "_all__hostname"
@reyjrar
reyjrar / install.sh
Last active Oct 22, 2019
Install App::ElasticSearch::Utilities
View install.sh
#!/bin/bash
# Install perlbrew
curl -L https://install.perlbrew.pl | bash
# Setup perlbrew
perlbrew install -j8 -n 5.30.0
perlbrew switch 5.30.0
perlbrew install-cpanm
@reyjrar
reyjrar / es-utils.yaml
Last active May 19, 2019
Simple es-utils config
View es-utils.yaml
---
host: localhost
port: 9200
base: syslog
days: 1
timestamp: '@timestamp'
@reyjrar
reyjrar / .es-utils.yaml
Last active May 19, 2019
More advanced es-utils configuration for multiple index coverage
View .es-utils.yaml
---
host: localhost
port: 9200
base: syslog
days: 1
meta:
  access:
    timestamp: timestamp
  ossec:
    timestamp: ts
@reyjrar
reyjrar / logstash-template.json
Last active Jul 4, 2018
Template for logstash indexes
View logstash-template.json
{
"template": "logstash-*",
"settings" : {
"index.number_of_shards" : 3,
"index.number_of_replicas" : 1,
"index.query.default_field" : "@message",
"index.routing.allocation.total_shards_per_node" : 2,
"index.auto_expand_replicas": false
},
"mappings": {
@reyjrar
reyjrar / ossec-accumulator-2.7.0.patch
Created Nov 26, 2012
OSSEC Accumulator Patch against 2.7.0
View ossec-accumulator-2.7.0.patch
diff --git a/etc/decoder.xml b/etc/decoder.xml
index a7846ad..1087918 100755
--- a/etc/decoder.xml
+++ b/etc/decoder.xml
@@ -1841,6 +1841,7 @@
</decoder>
<!-- decoder for active responses as logged by an OSSEC agent or server
+
- Examples
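Review bot: the only addition in this etc/decoder.xml hunk (6 lines before, 7 after) is an empty `+` line inside the comment for the active-response decoder, which changes no decoder behaviour. If the accumulator feature does not depend on it, drop the whitespace-only change so the patch applies more cleanly against other 2.7.0 trees and the diff shows only functional edits.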
@reyjrar
reyjrar / logstash.conf
Created Jul 5, 2012
LogStash Configuration
View logstash.conf
input {
tcp {
type => "syslog"
port => 8514
}
}
filter {
## DISCARD IMPROPERLY FORMATTED MESSAGES