cat .icons/Breeze-Hacked/index.theme
[Icon Theme]
Name=Breeze-Hacked
So you need
if [event][module] == "apache" { | |
if [fileset][name] == "access" { | |
grok { | |
match => { "message" => [ | |
"%{IPORHOST:[source][address]} - %{DATA:[user][name]} \[%{HTTPDATE:[apache][access][time]}\] \"(?:%{WORD:[http][request][method]} %{DATA:[url][original]} HTTP/%{NUMBER:[http][version]:float}|-)?\" %{NUMBER:[http][response][status_code]:int} (?:%{NUMBER:[http][response][body][bytes]:int}|-)( \"%{DATA:[http][request][referrer]}\")?( \"%{DATA:[user_agent][original]}\")?", | |
"%{IPORHOST:[source][address]} - %{DATA:[user][name]} \[%{HTTPDATE:[apache][access][time]}\] \"-\" %{NUMBER:[http][response][status_code]:int} -", | |
"\[%{HTTPDATE:[apache][access][time]}\] %{IPORHOST:[source][address]} %{DATA:[apache][access][ssl][protocol]} %{DATA:[apache][access][ssl][cipher]} \"%{WORD:[http][request][method]} %{DATA:[url][original]} HTTP/%{NUMBER:[http][version]:float}\" %{NUMBER:[http][response][body][bytes]:int}"] | |
} | |
remove_field => [ "message" ] | |
add_field => { "[event][created]" => "%{@timestamp}" } |
# Cyber attack maps:
####################
Akamai https://www.akamai.com/us/en/solutions/intelligent-platform/visualizing-akamai/real-time-web-monitor.jsp
Arbor Networks https://www.digitalattackmap.com
Bitdefender https://threatmap.bitdefender.com
BlueLiv https://community.blueliv.com/map
Cisco Talos https://www.talosintelligence.com
Checkpoint https://threatmap.checkpoint.com
Deutsche Telekom https://sicherheitstacho.eu/start/main
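---
# Play variables: one DNS name plus the output paths derived from it for the
# certificate artifacts (.crt, .pem, .csr, .pfx). The tasks that consume these
# variables are not part of this excerpt.
- hosts: localhost
  vars:
    # Placeholder; replace with the real fully-qualified name.
    - dnsname: your.dns.name
    # Relative path, so it resolves against the directory the play is run from.
    # NOTE(review): the .pem/.pfx names suggest private-key material is written
    # here -- confirm, and keep this directory out of version control and
    # readable only by the account that runs the play.
    - tmppath: "./tmp/"
    - crtpath: "{{ tmppath }}{{ dnsname }}.crt"
    - pempath: "{{ tmppath }}{{ dnsname }}.pem"
    - csrpath: "{{ tmppath }}{{ dnsname }}.csr"
    - pfxpath: "{{ tmppath }}{{ dnsname }}.pfx"
    # Placeholder secret. A real passphrase should not be stored in plaintext
    # in the playbook: encrypt it with ansible-vault or ask for it with
    # vars_prompt so it never lands in the repository.
    - private_key_password: "password"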
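#
# Instructions for quick gluster server (1 node) setup with a volume on LVM.
# No replication, just using localhost.
#
# See https://docs.gluster.org/en/latest/Administrator%20Guide/Brick%20Naming%20Conventions/
#
# Install GlusterFS
# Adding a PPA makes apt trust every package that PPA's owner publishes, so
# confirm ppa:gluster is the source you intend before enabling it.
# NOTE(review): glusterfs-4.0 pins an old release series -- check that it still
# receives security updates, or use a maintained series instead.
add-apt-repository ppa:gluster/glusterfs-4.0
apt-get install glusterfs-server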
#!/usr/bin/env python | |
import dns.resolver | |
main_domain = "mail-out.ovh.net." | |
cur_mailout=1 | |
while True: | |
try: | |
mail_out_answer = dns.resolver.query('mo' + str(cur_mailout) + '.' + main_domain,'A') | |
except dns.resolver.NXDOMAIN: |
# Configuration to parse Apache logs with parameters : | |
# LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b %T %D \"%{Referer}i\" \"%{User-Agent}i\"" | |
input { | |
tcp { | |
port => 5000 | |
type => "apache-access" | |
} | |
udp { |
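# Fail2Ban filter for SoftEther authentication failures
# Made by quixrick and jonisc
# Thanks to quixrick from Reddit! https://reddit.com/u/quixrick
# Further reference: http://www.vpnusers.com/viewtopic.php?f=7&t=6375&sid=76707e8a5a16b0c9486a39ba34763901&view=print

[INCLUDES]

# Read common prefixes. If any customizations available -- read them from
# common.local
# "before" names a file that is loaded ahead of this filter file.
before = common.conf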
# Raise the kernel's file-handle limits. `sysctl -w` changes the running
# kernel only; the values are lost on reboot unless they are also written to
# /etc/sysctl.conf or a file under /etc/sysctl.d/.
# fs.file-max is the system-wide ceiling on open file handles.
# fs.nr_open is the highest value a process's open-file limit can be raised
# to, so it must be set before the ulimit call below.
# NOTE(review): fs.file-max (12000500) is lower than the per-process limit
# requested below (20000000), so the system-wide cap is reached first --
# confirm that is intended.
sysctl -w fs.file-max=12000500
sysctl -w fs.nr_open=20000500
# Set the maximum number of open file descriptors
# (ulimit applies to the current shell and the processes it starts, not to
# services that are already running). Limits this high no longer act as a
# brake on descriptor exhaustion, so size them to the expected workload.
ulimit -n 20000000
# Set the memory size for TCP with minimum, default and maximum thresholds
# NOTE(review): the kernel documents the three tcp_mem fields as min, pressure
# and max, counted in memory pages rather than bytes. All three are set to the
# same value here -- confirm 10000000 pages fits the host's RAM.
sysctl -w net.ipv4.tcp_mem='10000000 10000000 10000000'
from lxml import html | |
import csv, os, json | |
import requests | |
from exceptions import ValueError | |
from time import sleep | |
def linkedin_companies_parser(url): | |
for i in range(5): | |
try: |