
soulsearcher / logstash-iptables.conf
Last active March 8, 2018 07:26
logstash pipeline for iptables
input {
# Sample/dummy input: replay local iptables log files instead of live traffic.
# Every file matching the glob below is picked up; start_position => "beginning"
# asks the plugin to read a file from its first line rather than tailing from the end.
file {
path => "D:/dev/sample-logs/iptables/iptables-*"
start_position => "beginning"
}
# Beats listener (Filebeat and friends ship events to this port).
# NOTE(review): only the port is configured in this block; no ssl_* options are set,
# so events arrive unencrypted and any host that can reach 5044 can submit log lines.
# For firewall logs that later drive alerting, restrict the port to known shippers
# and/or enable the plugin's TLS settings with client-certificate verification.
beats {
port => 5044
}
# Alert when a login event is detected for user "admin" from a never-before-seen IP
# In this example, "login" logs record which user logged in and from which IP
# (Optional)
# Elasticsearch host
es_host: localhost
# (Optional)
# Elasticsearch port
es_port: 9200
soulsearcher / config.yaml
Created February 23, 2018 05:37
elastalert config
# This is the folder that contains the rule yaml files
# Any .yaml file will be loaded as a rule
rules_folder: example_rules
# How often ElastAlert will query Elasticsearch
# The unit can be anything from weeks to seconds
run_every:
minutes: 1
# ElastAlert will buffer results from the most recent
soulsearcher / logstash-openvpn.conf
Last active November 7, 2022 01:56
logstash for openvpn log
input {
# dummy data from files
#file {
# path => "D:/dev/elastic5/sample-logs/vpn/messages-*"
# start_position => "beginning"
#}
# Beats listener that receives the OpenVPN log events.
# NOTE(review): this block sets the port only; without the plugin's ssl_* options
# the VPN logs (user names, client addresses) cross the network in plaintext and the
# listener accepts events from any host that can reach 5044. Limit access by firewall
# or turn on TLS with client-certificate verification.
beats {
port => 5044
}
soulsearcher / Vagrantfile
Created February 9, 2018 07:51
vagrantfiles for elastic
# -*- mode: ruby -*-
# vi: set ft=ruby :
#
#domain = "soulsearcher.com"
# Machine definitions, one hash per VM: hostname, address, base box and,
# where given, a :ram value. Only 'master' sets :ram; 'data-1' has no such key.
# NOTE(review): :ram is presumably megabytes passed to the provider; confirm
# against the code that consumes this list.
nodes = [
  { hostname: 'master', ip: '192.168.56.70', box: 'bento/centos-7.4', ram: 5120 },
  { hostname: 'data-1', ip: '192.168.56.71', box: 'bento/centos-7.4' }
]
# -*- mode: ruby -*-
# vi: set ft=ruby :
Vagrant.configure("2") do |config|
(60..63).each do |i|
config.vm.define "haproxy-#{i}" do |node|
node.vm.box = "bento/ubuntu-16.04"
node.vm.provider:virtualbox do |vb|
vb.name = "haproxy-#{i}"
soulsearcher / centos73-1611-post-processors.json
Last active September 7, 2017 13:44
packer post-processors
{
"variables": {
"iso_url": "http://ftp.daumkakao.com/centos/7.3.1611/isos/x86_64/CentOS-7-x86_64-Minimal-1611.iso",
"iso_checksum": "27bd866242ee058b7a5754e83d8ee8403e216b93d130d800852a96f41c34d86a",
"iso_checksum_type": "sha256",
"ssh_username": "root",
"ssh_password": "vagrant",
"disk_size": "8192"
},
"builders": [
soulsearcher / centos73-1611-parallel.json
Created September 5, 2017 02:29
packer parallel builds
{
"variables": {
"iso_url": "http://ftp.daumkakao.com/centos/7.3.1611/isos/x86_64/CentOS-7-x86_64-Minimal-1611.iso",
"iso_checksum": "27bd866242ee058b7a5754e83d8ee8403e216b93d130d800852a96f41c34d86a",
"iso_checksum_type": "sha256",
"ssh_username": "root",
"ssh_password": "vagrant",
"disk_size": "8192"
},
"builders": [
soulsearcher / centos73-1611-provisioner.json
Created September 4, 2017 14:25
packer configuration
{
"builders": [
{
"type": "virtualbox-iso",
"guest_os_type": "RedHat_64",
"iso_url": "http://ftp.daumkakao.com/centos/7.3.1611/isos/x86_64/CentOS-7-x86_64-Minimal-1611.iso",
"iso_checksum": "27bd866242ee058b7a5754e83d8ee8403e216b93d130d800852a96f41c34d86a",
"iso_checksum_type": "sha256",
"http_directory": "http",
"boot_command": "<tab> text ks=http://{{ .HTTPIP }}:{{ .HTTPPort }}/ks-centos73-1611.cfg<enter><wait>",
soulsearcher / ks-centos73-1611.cfg
Created September 1, 2017 05:31
Kickstart file for centos 7
#
# kickstart for centos7
# reference - https://github.com/boxcutter/centos/blob/master/http/ks7.cfg
#
# Installer locale and keyboard layout.
lang en_US.UTF-8
keyboard us
# Root password, given here in plaintext as the literal string "vagrant".
# NOTE(review): anyone who can read this file, or reach a machine built from it,
# knows the root password. That is tolerable only for disposable local boxes.
# For an image that leaves the workstation, supply a pre-hashed value with
# `rootpw --iscrypted <HASH_PLACEHOLDER>` or lock the account with `rootpw --lock`,
# and rotate or disable the credential in a later provisioning step.
rootpw vagrant
# Keep password hashes in the shadow file and hash them with SHA-512.
auth --useshadow --passalgo=sha512
# System clock zone.
timezone UTC