hortonew’s gists

hortonew / Splunk-one-way-diff.txt

Created March 21, 2017 14:22

Splunk one-way diff search

	\| set diff
	[\| makeresults count=1 \| eval users="user1 user2 user6" \| makemv users \| mvexpand users \| table users \| append [search sourcetype=linux_secure logged_in_user!="" \| table users] \| stats values(users) as users \| mvexpand users \| table users]
	[search sourcetype=linux_secure logged_in_user!="" \| stats values(logged_in_user) as users \| mvexpand users \| table users]

hortonew / Example-Splunk-Outputs.conf

Created March 21, 2017 16:40

	[tcpout]
	defaultGroup = mySplunkIndexers
	maxQueueSize = 7MB

	[tcpout:mySplunkIndexers]
	server = 10.10.10.10:9997, 10.10.10.20:9997
	autoLB = true
	useACK = true

hortonew / gist:cd54a30d597d0297a4130f5e9a798267

Created April 25, 2017 17:36

Proxy Config for Ansible

	Variables
	AnsibleServer = current servername
	RemoteServerIP = server i'm trying to ping
	MyUsername = username with same password across local, proxy, and remote server
	MyProxyHostIP = proxy host IP

	[ansible@AnsibleServer ~]$ ansible -m ping -i teams/monitoring/ RemoteServerIP -u MyUsername -k -vvvv
	Using /home/ansible/ansible.cfg as config file
	SSH password:
	Loading callback plugin minimal of type stdout, v2.0 from /usr/lib/python2.7/site-packages/ansible/plugins/callback/__init__.pyc

hortonew / Example indexes.conf

Created May 18, 2018 19:12

hortonew / Ayehu Log Parsing - Splunk

Last active May 24, 2018 20:52

	TODO
	1. Pull date from source file name (fileName_23052018.log)
	2. (DONE) Pull time from line entry
	3. (DONE) Send to null queue -> "First line of every file"
	4. (DONE) Send to null queue -> "Lines with -------------------------------"

	props.conf
	[Ayehu:EyeShare:Executor]
	TRUNCATE=0
	TIME_FORMAT=%X

hortonew / Splunk search cluster example

Last active August 16, 2018 23:44

	Example SHCluster Config
	See doc for up to date configurations: http://docs.splunk.com/Documentation/Splunk/latest/DistSearch/SHCdeploymentoverview
	Would recommend sharing splunk.secret on deployer and any search head part of cluster so you can maintain configs on deployer.

	Splunk admin user: admin
	Splunk admin password: my-splunk-admin-password

	3 Search heads in cluster: searchhead-01, searchhead-02, searchhead-03
	Search cluster secret: my-shc-secret
	Search cluster label: my-shc-cluster-label

hortonew / Ansible vault with AWS Dynamic Inventory

Created September 17, 2018 20:34

Will allow you to set variables needed before dynamic inventory is run, allowing you to use ansible vault

	---
	- name: Set env variables
	hosts: localhost
	connection: local
	environment:
	AWS_ACCESS_KEY_ID: "{{ AWS_ACCESS_KEY }}"
	AWS_SECRET_ACCESS_KEY: "{{ AWS_SECRET_KEY }}"
	tasks:
	- name: Build AWS Inventory
	command: "{{ ec2_py_location }} --list --refresh-cache"

hortonew / gist:ff778ff0dd10ef4df808373c3c3c41a0

Created September 26, 2018 01:56

Example krb5.conf to authenticate via kerberos from unix to windows

	[libdefaults]
	default_realm = CORPORATE.COMPANY.COM
	krb4_config = /etc/krb.conf
	krb4_realms = /etc/krb.realms
	kdc_timesync = 1
	ccache_type = 4
	forwardable = true
	proxiable = true
	v4_instance_resolve = false
	v4_name_convert = {

hortonew / update-home-assistant-docker.sh

Last active March 3, 2023 03:45

Home Assistant: Docker container update script

	#!/bin/bash
	# Note: This config renews letsencrypt certs for "mydomain.com". Modify this for your own domain or remove those steps.
	set -e

	# Update image
	docker pull homeassistant/home-assistant:latest
	d=`date +%Y-%m-%d-%H`

	# Identify and stop old instance of home assistant
	olddockerid=`docker ps -a \| grep home-assistant \| awk '{ print $1 }'`

hortonew / glance.yml

Last active January 5, 2025 16:47

Glance

	theme:
	background-color: 225 14 15
	primary-color: 157 47 65
	contrast-multiplier: 1.1
	branding:
	custom-footer: \|
	<p><a href="https://github.com/hortonew">github.com/hortonew<a></p>
	pages:
	- name: Home
	columns:

Erik Horton hortonew