Darren Foo stonith
stonith
/ nxlog.conf
Created
July 24, 2012 21:44
nxlog W2K3R2 send IIS6/Windows Application/System Eventlogs sent to nxlog target via internal nxlog binary format
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## This is a sample configuration file. See the nxlog reference manual about the | |
| ## configuration options. It should be installed locally and is also available | |
| ## online at http://nxlog.org/nxlog-docs/en/nxlog-reference-manual.html | |
| ## Please set the ROOT to the folder your nxlog was installed into, | |
| ## otherwise it will not start. | |
| define ROOT C:\Program Files\nxlog | |
| #define ROOT C:\Program Files (x86)\nxlog |
stonith
/ nxlog.conf
Last active
October 7, 2015 13:37
nxlog receive IIS logs and Winevent logs via nxlog binary transport on Centos6
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ##This is a sample configuration file. See the nxlog reference manual about the | |
| ## configuration options. It should be installed locally under | |
| ## /usr/share/doc/nxlog-ce/ and is also available online at | |
| ## http://nxlog.org/nxlog-docs/en/nxlog-reference-manual.html | |
| ######################################## | |
| # Global directives # | |
| ######################################## | |
| User nxlog | |
| Group nxlog |
stonith
/ logstash.conf
Created
July 24, 2012 23:32
logstash config to accept iis/wineventlogs and send to elasticsearch
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| input { | |
| tcp { | |
| type => "iis" | |
| port => 5141 | |
| format => json | |
| #Disable timeouts as logstash may drop events when timing out | |
| data_timeout => -1 | |
| } | |
| tcp { |
stonith
/ curl
Last active
March 13, 2017 13:04
— forked from nickethier/curl
logstash elasticsearch template - disable _all field, enable simple analyzer, set default query field to @message
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| curl -XPUT localhost:9200/_template/logstash -d ' | |
| { | |
| "template" : "logs-*", | |
| "settings" : { | |
| "index.analysis.analyzer.default.type": "simple", | |
| "index.cache.field.type": "soft", | |
| "index.compress.stored": true, | |
| "index.merge.policy.max_merged_segment": "5g", | |
| "index.query.default_field": "@message", | |
| "index.refresh_interval": "5s", |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## This is a sample configuration file. See the nxlog reference manual about the | |
| ## configuration options. It should be installed locally and is also available | |
| ## online at http://nxlog.org/nxlog-docs/en/nxlog-reference-manual.html | |
| ## Please set the ROOT to the folder your nxlog was installed into, | |
| ## otherwise it will not start. | |
| #define ROOT C:\Program Files\nxlog | |
| define ROOT C:\Program Files (x86)\nxlog |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| C:/Users/df/Downloads/gems/gems/vagrant-windows-1.1.0/lib/vagrant-windows/communication/winrmcommunicator.rb:118 | |
| :in `new_session': uninitialized constant WinRM::Client (NameError) | |
| from C:/Users/df/Downloads/gems/gems/vagrant-windows-1.1.0/lib/vagrant-windows/communication/winrmcommun | |
| icator.rb:110:in `session' | |
| from C:/Users/df/Downloads/gems/gems/vagrant-windows-1.1.0/lib/vagrant-windows/communication/winrmcommun | |
| icator.rb:32:in `ready?' | |
| from C:/HashiCorp/Vagrant/embedded/gems/gems/vagrant-1.2.2/lib/vagrant/machine.rb:181:in `guest' | |
| from C:/HashiCorp/Vagrant/embedded/gems/gems/vagrant-1.2.2/lib/vagrant/action/builtin/graceful_halt.rb:47:in `ca | |
| ll' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [2013-06-25 04:45:47,493][WARN ][indices.cluster ] [Abner Little] [logstash-2013.04.19][4] failed to start shard | |
| org.elasticsearch.index.gateway.IndexShardGatewayRecoveryException: [logstash-2013.04.19][4] shard allocated for local recovery (post api), should exist, but doesn't, current files: [_1q5b.nrm, _1qnq_es090_0.tip, _1qnp_es090_0.pay, _1qnr_es090_0.pos, _1qnu_es090_0.tip, _1q3x.si, _1qnq_es090_0.tim, _1qnu_es090_0.tim, _1pyy.fnm, _1pye.prx, _1qmv.fdt, _1qnp_es090_0.blm, _1q5b.fdx, _1qnn_es090_0.pay, _1qmv.fdx, _1q5b.prx, _1p3a.frq, _1q5b.fdt, _1q5c.nrm, _1k24.nrm, _1lti.fnm, _1qnu.fnm, _1q5c.prx, _1pye.nrm, _1q5d.tii, _1lti.nrm, _1qne.frq, _1qnn.fnm, _1mss.fdt, _1jnx.fnm, _1lti.prx, _1mss.fdx, _1q5d.fdx, _1qnr_es090_0.blm, _1qne_upgraded.si, _1o5y.fnm, _1q5d.fdt, _1q5d.tis, _1mh3.si, _1qnu_es090_0.doc, _1p3a_upgraded.si, _1p3a.tii, _1q4i.frq, _1lti.fdx, _1q5c.frq, _1e6s.frq, _1lti.fdt, _1p3a.tis, _1qnt.si, _1qns_es090_0.pay, _1n6o.fnm, _1q4i.fdt, _1e6s.nrm, _1grn.fnm, _1q4i.nrm, _1qnq.si, _1m |
stonith
/ gist:10000565
Created
April 6, 2014 02:00
cluster settings that seems to break replication
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "persistent" : { }, | |
| "transient" : { | |
| "indices" : { | |
| "recovery" : { | |
| "concurrent_streams" : "3", | |
| "max_bytes_per_sec" : "80" | |
| } | |
| } | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| curl 'localhost:9200/_cat/recovery?v' | |
| index shard target recovered percent host ip node | |
| .marvel-2014.03.23 0 1532632530 0 0.0% elasticsearch02.stn.local 10.128.112.174 Champion of the Universe | |
| .marvel-2014.03.22 0 1115751636 0 0.0% elasticsearch02.stn.local 10.128.112.174 Champion of the Universe |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "cluster_name" : "logstash", | |
| "nodes" : { | |
| "XyPGpIHlR2emjOAsvtt8qA" : { | |
| "timestamp" : 1396885317502, | |
| "name" : "es02", | |
| "transport_address" : "inet[/192.168.0.82:9300]", | |
| "host" : "es02.svc.local", | |
| "ip" : [ "inet[/192.168.0.82:9300]", "NONE" ], | |
| "indices" : { |
OlderNewer