Maciej Szymczyk zorteran

## Vagrantfile
# -*- mode: ruby -*-
# vi: set ft=ruby :

Vagrant.configure("2") do |config|

  config.vm.define "elk" do |elk|

      elk.vm.box = "ubuntu/focal64"
      elk.vm.hostname = "elk.lan"

## simple_es_to_kafka_to_discord_exporter.py
from json import loads
from confluent_kafka import Consumer
from loguru import logger
from discord_webhook import DiscordWebhook, DiscordEmbed

KAFKA_CONF = {'bootstrap.servers': "10.10.10.10:9092",
              'group.id': "dev-wiaderko",
              'auto.offset.reset': 'latest'}  # earliest / latest
KAFKA_TOPICS = ["^es-alerts.*"]
DISCORD_WEBHOOK_URL = "https://discord.com/api/webhooks/something/somethingelse"

## Software RAID 1 setup on Ubuntu Server 20.04.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                zorteran
                / Software RAID 1 setup on Ubuntu Server 20.04.md
            
            
              Created
              June 23, 2022 11:09
                — forked from fevangelou/Software RAID 1 setup on Ubuntu Server 20.04.md
            
          
    Looking to create a Software RAID 1 setup for your 2-disk server on Ubuntu Server 20.04?


Let's start with the basics: the official guide by Ubuntu (https://ubuntu.com/server/docs/install/storage) is outdated/wrong. And as of March 2021 it's possible that there's a bug as well with how the bios_grub partitions are created when using multiple disks.
Now on to the solution:

Select "Custom storage layout" when you reach the storage configuration step of the installer.
If the disks have existing partitions, click on each disk under AVAILABLE DEVICES and then select REFORMAT. This will (temporarily) wipe out the partitions.


## .gitlab-ci.yml
stages:
  - test
  - deploy

test_rules:
  stage: test
  image: python:3.8
  script:
    - python -V  # Print out python version for debugging
    - pip install virtualenv

## threatintel-cert_pl.json
//PUT _index_template/threatintel-cert_pl
{
  "index_patterns": [
    "threatintel-cert_pl-*"
  ],
  "template": {
    "settings": {
      "index": {
        "mapping": {
          "total_fields": {

## ip_lookup.rb
require 'csv'
require 'ipaddr'
table = CSV.read("/home/maciej/ipv4.txt")
ips = table.map { |row| IPAddr.new(row[0]) }
ip_to_check = IPAddr.new("1.96.1.1")
result = ips.reduce(0) { |sum, ip| sum + (ip.include?(ip_to_check) ? 1 : 0)}

## gist:dfe922a839ed7c437aa46dadc285799a
PUT _ingest/pipeline/filebeat-7.15.1-haproxy-log-pipeline-custom
{
    "description" : "Pipeline for parsing HAProxy http, tcp and default logs. Requires the geoip plugin.",
    "processors" : [
      {
        "set" : {
          "field" : "event.ingested",
          "value" : "{{_ingest.timestamp}}"
        }
      },

## CoolApp.scala
package pl.wiadrodanych.demo

import org.apache.spark.sql.DataFrame
import pl.wiadrodanych.demo.NiceApp.spark
import pl.wiadrodanych.demo.extensions.GroceryDataFrameExtensions._

object CoolApp {
  def main(args: Array[String]) = {
    val result = getGroceries
      .filterFruits

## GroceryDataFrameExtensions.scala
package pl.wiadrodanych.demo.extensions

import org.apache.spark.sql._
import org.apache.spark.sql.functions._
import pl.wiadrodanych.demo.base.SparkJob.spark.implicits._

object GroceryDataFrameExtensions {

  implicit class RichDataFrame(df: DataFrame) {

## UsingSprakJob.scala
import org.apache.spark.sql._
import org.apache.spark.sql.functions._
import pl.wiadrodanych.demo.base.SparkJob
import pl.wiadrodanych.demo.base.SparkJob.spark.implicits._

object NiceApp {
  val spark = SparkJob.spark

  def main(args: Array[String]) = {
    val groceries: DataFrame = getGroceries
	# -- mode: ruby --
	# vi: set ft=ruby :

	Vagrant.configure("2") do \|config\|

	config.vm.define "elk" do \|elk\|

	elk.vm.box = "ubuntu/focal64"
	elk.vm.hostname = "elk.lan"
	from json import loads
	from confluent_kafka import Consumer
	from loguru import logger
	from discord_webhook import DiscordWebhook, DiscordEmbed

	KAFKA_CONF = {'bootstrap.servers': "10.10.10.10:9092",
	'group.id': "dev-wiaderko",
	'auto.offset.reset': 'latest'} # earliest / latest
	KAFKA_TOPICS = ["^es-alerts.*"]
	DISCORD_WEBHOOK_URL = "https://discord.com/api/webhooks/something/somethingelse"
	stages:
	- test
	- deploy

	test_rules:
	stage: test
	image: python:3.8
	script:
	- python -V # Print out python version for debugging
	- pip install virtualenv
	//PUT _index_template/threatintel-cert_pl
	{
	"index_patterns": [
	"threatintel-cert_pl-*"
	],
	"template": {
	"settings": {
	"index": {
	"mapping": {
	"total_fields": {
	require 'csv'
	require 'ipaddr'
	table = CSV.read("/home/maciej/ipv4.txt")
	ips = table.map { \|row\| IPAddr.new(row[0]) }
	ip_to_check = IPAddr.new("1.96.1.1")
	result = ips.reduce(0) { \|sum, ip\| sum + (ip.include?(ip_to_check) ? 1 : 0)}
	PUT _ingest/pipeline/filebeat-7.15.1-haproxy-log-pipeline-custom
	{
	"description" : "Pipeline for parsing HAProxy http, tcp and default logs. Requires the geoip plugin.",
	"processors" : [
	{
	"set" : {
	"field" : "event.ingested",
	"value" : "{{_ingest.timestamp}}"
	}
	},
	package pl.wiadrodanych.demo

	import org.apache.spark.sql.DataFrame
	import pl.wiadrodanych.demo.NiceApp.spark
	import pl.wiadrodanych.demo.extensions.GroceryDataFrameExtensions._

	object CoolApp {
	def main(args: Array[String]) = {
	val result = getGroceries
	.filterFruits
	package pl.wiadrodanych.demo.extensions

	import org.apache.spark.sql._
	import org.apache.spark.sql.functions._
	import pl.wiadrodanych.demo.base.SparkJob.spark.implicits._

	object GroceryDataFrameExtensions {

	implicit class RichDataFrame(df: DataFrame) {