Kim Jong-seon soulsearcher
soulsearcher
/ logstash-iptables.conf
Last active
March 8, 2018 07:26
logstash pipeline for iptables
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| input { | |
| # dummy data from files | |
| file { | |
| path => "D:/dev/sample-logs/iptables/iptables-*" | |
| start_position => "beginning" | |
| } | |
| beats { | |
| port => 5044 | |
| } |
soulsearcher
/ elastalert-telegram.yaml
Last active
September 8, 2022 08:25
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Alert when a login event is detected for user "admin" never before seen IP | |
| # In this example, "login" logs contain which user has logged in from what IP | |
| # (Optional) | |
| # Elasticsearch host | |
| es_host: localhost | |
| # (Optional) | |
| # Elasticsearch port | |
| es_port: 9200 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This is the folder that contains the rule yaml files | |
| # Any .yaml file will be loaded as a rule | |
| rules_folder: example_rules | |
| # How often ElastAlert will query Elasticsearch | |
| # The unit can be anything from weeks to seconds | |
| run_every: | |
| minutes: 1 | |
| # ElastAlert will buffer results from the most recent |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| input { | |
| # dummy data from files | |
| #file { | |
| # path => "D:/dev/elastic5/sample-logs/vpn/messages-*" | |
| # start_position => "beginning" | |
| #} | |
| beats { | |
| port => 5044 | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # -*- mode: ruby -*- | |
| # vi: set ft=ruby : | |
| # | |
| #domain = "soulsearcher.com" | |
| nodes = [ | |
| { :hostname => 'master', :ip => '192.168.56.70', :box => 'bento/centos-7.4', :ram => 5120 }, | |
| { :hostname => 'data-1', :ip => '192.168.56.71', :box => 'bento/centos-7.4'}, | |
| ] |
soulsearcher
/ vagrantfile-for-haproxy
Created
January 20, 2018 12:18
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # -*- mode: ruby -*- | |
| # vi: set ft=ruby : | |
| Vagrant.configure("2") do |config| | |
| (60..63).each do |i| | |
| config.vm.define "haproxy-#{i}" do |node| | |
| node.vm.box = "bento/ubuntu-16.04" | |
| node.vm.provider:virtualbox do |vb| | |
| vb.name = "haproxy-#{i}" |
soulsearcher
/ centos73-1611-post-processors.json
Last active
September 7, 2017 13:44
packer post-processors
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "variables": { | |
| "iso_url": "http://ftp.daumkakao.com/centos/7.3.1611/isos/x86_64/CentOS-7-x86_64-Minimal-1611.iso", | |
| "iso_checksum": "27bd866242ee058b7a5754e83d8ee8403e216b93d130d800852a96f41c34d86a", | |
| "iso_checksum_type": "sha256", | |
| "ssh_username": "root", | |
| "ssh_password": "vagrant", | |
| "disk_size": "8192" | |
| }, | |
| "builders": [ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "variables": { | |
| "iso_url": "http://ftp.daumkakao.com/centos/7.3.1611/isos/x86_64/CentOS-7-x86_64-Minimal-1611.iso", | |
| "iso_checksum": "27bd866242ee058b7a5754e83d8ee8403e216b93d130d800852a96f41c34d86a", | |
| "iso_checksum_type": "sha256", | |
| "ssh_username": "root", | |
| "ssh_password": "vagrant", | |
| "disk_size": "8192" | |
| }, | |
| "builders": [ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "builders": [ | |
| { | |
| "type": "virtualbox-iso", | |
| "guest_os_type": "RedHat_64", | |
| "iso_url": "http://ftp.daumkakao.com/centos/7.3.1611/isos/x86_64/CentOS-7-x86_64-Minimal-1611.iso", | |
| "iso_checksum": "27bd866242ee058b7a5754e83d8ee8403e216b93d130d800852a96f41c34d86a", | |
| "iso_checksum_type": "sha256", | |
| "http_directory": "http", | |
| "boot_command": "<tab> text ks=http://{{ .HTTPIP }}:{{ .HTTPPort }}/ks-centos73-1611.cfg<enter><wait>", |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # | |
| # kickstart for centos7 | |
| # reference - https://github.com/boxcutter/centos/blob/master/http/ks7.cfg | |
| # | |
| lang en_US.UTF-8 | |
| keyboard us | |
| rootpw vagrant | |
| auth --useshadow --passalgo=sha512 | |
| timezone UTC |
NewerOlder