Skip to content

Instantly share code, notes, and snippets.

View robcowart's full-sized avatar

Rob Cowart robcowart

430 followers · 0 following
View GitHub Profile
@robcowart
robcowart / elastiflow_5.4_ilm_rollover.md
Created April 28, 2022 07:32

NOTE: The examples below are for when ECS support is enabled.

  1. Create an ILM policy named elastiflow via Kibana UI or via the Elasticsearch API (using Kibana Dev Tools). For example:
PUT _ilm/policy/elastiflow
{
  "policy": {
    "phases": {
 "hot": {
@robcowart
robcowart / elastiflow_5.3_ilm_rollover.md
Last active March 8, 2022 19:32
elastiflow_5.3_ilm_rollover

NOTE: The examples below are for when ECS support is enabled.

  1. Create an ILM policy named elastiflow via Kibana UI or via the Elasticsearch API (using Kibana Dev Tools). For example:
PUT _ilm/policy/elastiflow
{
  "policy": {
    "phases": {
 "hot": {
@robcowart
robcowart / elastiflow_5.1_ilm_rollover.md
Last active December 5, 2021 07:00
ElastiFlow 5.1 ILM Rollover Setup

NOTE: The examples below are for when ECS support is enabled.

  1. Create an ILM policy named elastiflow via Kibana UI or via the Elasticsearch API (using Kibana Dev Tools). For example:
PUT _ilm/policy/elastiflow
{
  "policy": {
    "phases": {
 "hot": {
@robcowart
robcowart / elastiflow_offline_install_centos8.md
Last active June 1, 2022 01:55
@robcowart
robcowart / telegraf_iextrading
Created November 27, 2018 16:41
Telegraf HTTP Input to query cryptocurrency and select stock quotes from IEX Trading
[[inputs.http]]
urls = [
"https://api.iextrading.com/1.0/stock/market/crypto",
"https://api.iextrading.com/1.0/stock/AMZN/quote",
"https://api.iextrading.com/1.0/stock/AAPL/quote",
"https://api.iextrading.com/1.0/stock/INTC/quote",
"https://api.iextrading.com/1.0/stock/TWTR/quote",
"https://api.iextrading.com/1.0/stock/YELP/quote",
"https://api.iextrading.com/1.0/stock/TEAM/quote",
"https://api.iextrading.com/1.0/stock/GOOG/quote",
@robcowart
robcowart / telegraf_coindesk
Created November 26, 2018 22:35
Telegraf HTTP Input and Processors to query Bitcoin prices from CoinDesk
[[inputs.http]]
urls = ["https://api.coindesk.com/v1/bpi/currentprice.json"]
method = "GET"
interval = "60s"
timeout = "5s"
data_format = "json"
name_override = "coindesk"
[inputs.http.tags]
price_index = "bitcoin"
@robcowart
robcowart / vscode_settings.json
Created November 19, 2018 18:46
{
"editor.minimap.enabled": false,
"editor.tabSize": 2,
"window.zoomLevel": 0,
"workbench.colorCustomizations":{
"activityBar.background": "#282c34",
"editor.background": "#1c2024",
"editorCursor.foreground": "#528bff",
"editorGroup.background": "#282c34",
"editorGroupHeader.tabsBackground": "#282c34",
@robcowart
robcowart / nprobe.conf
Created May 20, 2018 10:04
Improved nProbe Configuration File
# This configuration for nProbe exposes many more options than is available in the file provided
# when downloading nProbe.
#
# Most likely you will only need to change the -n and -i options for your environment. However, a
# number of other options are documented in case you need them.
#
# The provided template works very well with ElastiFlow - A solution to collect and analyze network
# flow data using the Elastic Stack. ElastiFlow is available from:
# https://github.com/robcowart/elastiflow