Ross Golder rossigee
rossigee
/ nodered-syslog-to-elasticsearch.json
Last active
February 25, 2019 12:49
NodeRED flow to accept Nginx proxy access logs via syslog and post to ElasticSearch
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [ | |
| { | |
| "id": "1dffb66d.88ae0a", | |
| "type": "function", | |
| "z": "7be8537a.9bbd5c", | |
| "name": "Reset dropped entry count", | |
| "func": "flow.set(\"dropped_entries\", 0);\nreturn null;", | |
| "outputs": "0", | |
| "noerr": 0, | |
| "x": 603.8958129882812, |
rossigee
/ nodered-elasticsearch-50x-check.json
Created
February 26, 2019 02:21
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [ | |
| { | |
| "id": "d1f664fb.d8fb38", | |
| "type": "tab", | |
| "label": "Recent 50x proxy entries" | |
| }, | |
| { | |
| "id": "8b520419.7182e8", | |
| "type": "inject", | |
| "z": "d1f664fb.d8fb38", |
rossigee
/ gist:6efe978b482b2062ed2bd3f3ea6a4949
Created
March 4, 2019 11:57
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Verifying my Blockstack ID is secured with the address 16ukZMicPrZsMfXjqq3zq5LudRNK4vGexV https://explorer.blockstack.org/address/16ukZMicPrZsMfXjqq3zq5LudRNK4vGexV |
rossigee
/ deploy-docker-and-compose.sh
Last active
March 14, 2020 04:14
A quick curlable to deploy docker engine and docker-compose.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| export LC_ALL=C | |
| export DEBIAN_FRONTEND=noninteractive | |
| # Install Docker engine | |
| echo "Installing docker engine..." | |
| apt -q install --assume-yes \ | |
| apt-transport-https \ | |
| ca-certificates \ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| import ( | |
| "fmt" | |
| "net" | |
| "net/http" | |
| "alexejk.io/go-xmlrpc" | |
| ) |
rossigee
/ gist:08bd586a9ec4b6f8c1fc5fb0c4a3a77e
Last active
May 24, 2023 05:58
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import os | |
| import requests | |
| def get_ipam_addresses(api_url, token, ca_cert): | |
| headers = { | |
| 'Authorization': f'Token {token}', | |
| 'Content-Type': 'application/json' | |
| } | |
| # Fetch all IP addresses from NetBox |
rossigee
/ gist:7ce48ece0d0c2e28893235579bb48b68
Last active
August 24, 2023 03:27
Lua hack for RFC3164 timestamps
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| -- Hack to workaround lack of precision in RFC3164 dates. | |
| require "os" | |
| function rfc3164_to_timestamp(rfc3164_log) | |
| local month_names = { | |
| Jan = "01", Feb = "02", Mar = "03", Apr = "04", | |
| May = "05", Jun = "06", Jul = "07", Aug = "08", | |
| Sep = "09", Oct = "10", Nov = "11", Dec = "12" | |
| } |
rossigee
/ gist:052ff68cd59b32df7f78b3b7234b5c3b
Last active
August 25, 2023 04:46
Some fluent-bit parsers for RFC3134 parsing of Mikrotik logs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [PARSER] | |
| Name syslog-rfc3164-safe | |
| Format regex | |
| Regex /\<(?<pri>[0-9]+)\>(?<time>\w{3}\s+\d+\s\d{2}:\d{2}:\d{2})\s(?<host>[^ ]*)\s(?<ident>[a-zA-Z0-9_\/\.\-\+,]*)(\[(?<pid>\d+)\])*:?\s(?<message>.*)/ | |
| Time_Key time | |
| Time_Format %b %d %H:%M:%S | |
| Time_Keep On | |
| [PARSER] | |
| Name ssh_access_logs_mikrotik |
rossigee
/ gist:05048dae301864d180773f3d31208c24
Created
September 6, 2023 07:42
Fetch Windows Administrator password from EC2 using Terragrunt/Terraform state
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| # | |
| # Run this in the Terraform folder for the instance to reconstruct the Administator password. | |
| # | |
| # Example usage: | |
| # | |
| # get-windows-administrator-password | |
| # | |
| INSTANCE_ID=$1 |
rossigee
/ custom_parsers.conf
Created
October 2, 2023 23:13
Custom fluent-bit parsers for Ubuntu 20.04+
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [PARSER] | |
| Name ubuntu-syslog-with-pid | |
| Format regex | |
| Regex /^(?<timestamp>\S+\s+\d{1,2}\s+\d{2}:\d{2}:\d{2})\s(?<hostname>\S+)\s(?<process>\S+)\[(?<pid>\d+)\]:\s(?<message>.*)$/ | |
| Time_Key time | |
| Time_Format %b %d %H:%M:%S | |
| Time_Keep On | |
| [PARSER] | |
| Name ubuntu-syslog-without-pid |