- given a data file sample named data.log
- modify your config to use the stdin input so that you can pipe your sample log file to logstash
input {
  stdin {
    codec => line
  }
}
input {
  jdbc {
    jdbc_driver_library => "D:\logstash-7.12.0\ojdbc8.jar"
    jdbc_driver_class => "Java::oracle.jdbc.driver.OracleDriver"
    jdbc_connection_string => "jdbc:oracle:thin:@//127.0.0.1:1521/servicename"
    jdbc_user => "user"
    jdbc_password => "password"
    tracking_column => "record_sn"
    use_column_value => true
    tracking_column_type => "numeric"
::
:: This Script install the check-mk-agent and adds a Firewall Rule to the local Windows Firewall to allow Access to it!
:: https://gist.github.com/Ham5ter/2a8526e843c72ff9343bc3a38cdac97e
::
:: Allow ICMP Echo (Ping)
netsh advfirewall firewall delete rule name="ICMP Allow incoming V4 echo request"
netsh advfirewall firewall add rule name="ICMP Allow incoming V4 echo request" protocol=icmpv4:8,any dir=in action=allow
:: Allow TCP Port 6556 (check-mk-agent)
find / -iname 'log4j-core*.jar' -exec jar tf {} \; | grep org/apache/logging/log4j/core/lookup/JndiLookup.class
find / -iname 'log4j-core*.jar' -print0 | xargs -0 -I{} zip -d {} org/apache/logging/log4j/core/lookup/JndiLookup.class
find / -iname 'log4j-core*.jar' -exec jar tf {} \; | grep org/apache/logging/log4j/core/lookup/JndiLookup.class
input {
  generator {
    lines => [
      "whatever|1|BA|110100|11:19:39|1|101.00000|whatever|123456789||10.000|||61033|",
      "whatever|1|BP|110100|11:19:39|1|101.00000|whatever|123456789||10.000|||61033|",
      "whatever|1|SA|110100|11:19:39|1|101.00000|whatever|123456789||10.000|||61033|",
      "whatever|1|SP|110100|11:19:39|1|101.00000|whatever|123456789||10.000|||61033|",
      "whatever|1|BC|110100|11:19:39|1|101.00000|whatever|123456789||10.000|||61033|",
      "whatever|1|SC|110100|11:19:39|1|101.00000|whatever|123456789||10.000|||61033|",
      "whatever|1|BF|110100|11:19:39|1|101.00000|whatever|123456789||10.000|||",
Electron is tricky to get set up on Windows Subsystem for Linux, but it can work!
Four things needed overall:
- apt install several dependencies
Setup instructions, in order:
# How to install Check MK Agent on ubuntu 16.04
# Install check_mk_agent:
# - sudo apt-get install check-mk-agent (will install older version)
# - On your Check_MK dashboard, go to "Monitoring Agents", click the link for "Check_MK Agent for Linux", save the raw text
# on your server:
sudo vi /usr/bin/check_mk_agent
# paste Check_MK dashboard > Monitoring Agents > Check_MK Agent for Linux
The logstash agent is 3 parts: inputs -> filters -> outputs.
Each '->' is an internal messaging system. It is implemented with a 'SizedQueue' in Ruby. SizedQueue allows a bounded maximum of items in the queue such that any writes to the queue will block if the queue is full at maximum capacity.
Logstash sets the queue size to 20. This means only 20 events can be pending into the next phase - this helps reduce any data loss and in general avoids logstash trying to act as a data storage system. These internal queues are not for storing messages long-term.
In reverse, here's what happens when a queue fills.
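
The bounded hand-off described above can be reproduced with plain Ruby threads. This is an added example, not Logstash's own code: the stage bodies, the `accepted_before_stall` helper and the `patience` timeout are assumptions made for illustration. It stalls the output stage and counts how many events the input can still hand off before it, too, would block.

```ruby
require "thread" # SizedQueue is core Ruby; the require is a no-op on modern versions

QUEUE_SIZE = 20 # queue size stated in the text above

def monotonic
  Process.clock_gettime(Process::CLOCK_MONOTONIC)
end

# Hypothetical helper: count how many events the input stage can hand off while
# the output stage is stalled (nothing ever pops the filters -> outputs queue).
def accepted_before_stall(queue_size = QUEUE_SIZE, patience: 0.3)
  to_filter = SizedQueue.new(queue_size) # inputs  -> filters
  to_output = SizedQueue.new(queue_size) # filters -> outputs

  # Filter stage: blocking pop, then blocking push. Once to_output is full this
  # thread parks inside push while still holding one event.
  filter = Thread.new { loop { to_output.push(to_filter.pop.upcase) } }

  accepted = 0
  deadline = monotonic + patience
  while monotonic < deadline
    begin
      # Non-blocking push so the stall is observable; it raises ThreadError when
      # the queue is full, which is where a blocking push would simply wait.
      to_filter.push("event #{accepted}", true)
      accepted += 1
      deadline = monotonic + patience # progress was made, so keep feeding
    rescue ThreadError
      sleep 0.01
    end
  end
  { accepted: accepted, waiting_for_filter: to_filter.size,
    waiting_for_output: to_output.size }
ensure
  filter&.kill
end

if __FILE__ == $PROGRAM_NAME
  p accepted_before_stall      # stalls once both queues and the filter are full
  p accepted_before_stall(5)   # a smaller bound stalls the input sooner
end
```

The accepted count is two full queues plus the single event the blocked filter thread is holding, so a stalled output stops the input after a small, fixed number of events instead of letting memory grow.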
We have had some success using LS-to-LS over HTTP(S), which supports an HTTP(s) Load Balancer or Proxy in the middle, and can be secured with TLS/SSL. It can be made to be quite performant, but doing so requires some specific tuning.
The upstream pipeline would contain a single HTTP output plugin aimed either directly at a downstream Logstash or at a Load Balancer, importantly configured with:
- format => json_batch (for performance; without this one event will be sent at a time) and
- retry_non_idempotent => true (for resilience; without this, some failures cannot be safely retried).
Depending on whether we are sending directly to another Logstash or through an SSL-terminating Load Balancer or proxy, the output may need to be configured
user/password),