Setup
bin/kafka-topics.sh \
--zookeeper zookeeper.example.com:2181 \
--create \
<Sysmon schemaversion="4.32"> | |
<!-- Capture all hashes --> | |
<HashAlgorithms>*</HashAlgorithms> | |
<DnsLookup>False</DnsLookup> | |
<ArchiveDirectory>Archive</ArchiveDirectory> | |
<EventFiltering> | |
<RuleGroup name="" groupRelation="or"> | |
<!-- Event ID 1 == Process Creation. Log all newly created processes except --> | |
<ProcessCreate onmatch="exclude"> | |
<Image condition="contains">splunk</Image> |
Sometimes, you need to fake something in Splunk. Might be during development and you don't feel like writing a real search, but you really need a number for a dashboard panel to look right. Maybe you are helping someone with a hairy regex, and you don't want to index data just to test it on your instance. Whatever the reason, here are some searches that have helped me out.
Note that when using these techniques, you are not going through the indexing
-- Fuzzy Window Switcher | |
_fuzzyChoices = nil | |
_fuzzyChooser = nil | |
_fuzzyLastWindow = nil | |
function fuzzyQuery(s, m) | |
s_index = 1 | |
m_index = 1 | |
match_start = nil |
1. No way of reusing task output in main play. | |
2. Cannot specify multiple fail_when statements. | |
3. [*] A play is atomic, i.e. I can't take the output from a command, parse its json then act on it. I need to create an intermediary fact containing the json dict then use that in another play. It's tedious. | |
4. If you're missing a variable in a variable file, Ansible won't fail to parse it. It will just tell you "VARIABLE IS NOT DEFINED!," which is ambiguous | |
5. Doing anything "complicated" (like looping within a loop for deeply nested Ansible variables) is right out. | |
6. selectattr doesn't actually do what you think it does! | |
7. Missing vars within tasks or roles can lead to very very VERY cryptic errors | |
8. So you can't set booleans with set_facts without casting......... https://github.com/ansible/ansible/issues/5463 | |
9. It would be great if I could say something like: |
// url is the link for the form view page | |
// data is the name attribute of the field | |
$.ajax({ | |
url: "https://docs.google.com/forms/d/1iqMixtVq4O0AFvYCZHbGerigi1G5Qb3XthXZX9VpNtk/formResponse", | |
data: { "entry.1679407376": field1}, | |
type: "POST", | |
dataType: "xml", | |
statusCode: { |
swfrender -o out.png fig_1853.swf | |
mogrify -resample 72x72 -resize 256x256 *.png | |
convert -delay 100 -loop 1 out-*.png animation.gif | |
convert -delay 10 -loop 1 -background white -alpha remove -layers OptimizePlus out-*.png animation.gif | |
convert \ | |
-delay 10 \ | |
$(for i in $(seq 0 5 100); do echo foo${i}.png; done) \ | |
-loop 0 \ |
""" | |
Free to use under the MIT license | |
Builds a static site from a list of Markdown source files. The source | |
files should have the same directory structure as the desired output. | |
Files are rendered using Markdown2 and can declare metadata variables: | |
--- |