Skip to content

Instantly share code, notes, and snippets.

View jpclipffel's full-sized avatar

JP. Clipffel jpclipffel

7 followers · 1 following
  • Switzerland
View GitHub Profile
@jpclipffel
jpclipffel / Splunk - Data input routing.md
Last active November 3, 2018 08:47

Splunk - Data input routing

How to map logs received from multiple hosts on the same local port to the correct sourcetype and index.

Scenario

The Splunk data input UDP:514 receives events from the following devices:

  • 10.0.0.1: A Netfilter firewall
  • 10.0.0.2: A Squid proxy instance (1/2)
  • 10.0.0.3: A Squid proxy instance (2/2)

We want to separate logs comming from the Firewall (10.0.0.1) and the Proxies (10.0.0.2 and 10.0.0.3):

@jpclipffel
jpclipffel / Splunk - Swift SAA JSON logs.md
Created January 17, 2019 16:15

Splunk - Swift SAA JSON logs

How to ingest Swift SAA (Swift Alliance Access) logs in Splunk

SAA confguration

The SAA must be configured to:

  • forwards its logs through syslog
  • use the JSON (not formatted) format
@jpclipffel
jpclipffel / Splunk - Office365 parsing.md
Created March 11, 2019 08:09
Splunk - Office365 parsing

Splunk - Office365 parsing

How to re-parse Office365 logs collected from the application splunk_ta_o365.

Context

The add-on splunk_ta_o365 may sometimes produces multi-lines JSON events (ie. an event with several JSON objects separated by a new line). The following modification change the line breaker configuration.

Edit the line breaker configuration

Edit the file $SPLUNK_HOME/etc/apps/splunk_ta_o365/local/props.conf (create it if it doesn't exists) and add the following lines:

@jpclipffel
jpclipffel / Python - Multiprocessing managers with class.md
Last active October 20, 2019 17:04

Python - Multiprocessing managers with class

Demonstrate how to create a multiprocessing's manager server exposing a class.

Proxies

from multiprocessing.managers import BaseProxy


class GeneratorProxy(BaseProxy):
    """Manager's proxy for generators.
@jpclipffel
jpclipffel / README.md
Created November 19, 2019 12:44
Python and Brew on MacOS Catalina

Python and Brew on MacOS Catalina

Installation

  • Install Brew's OpenSSL: brew install openssl
  • Install Brew's Python3: brew install python3

Configure

Add the following configuration to a ~/.bashrc or ~/.zshrc:




  


  




    


          
    

      

        
        

          

              @jpclipffel
          

          

            
                jpclipffel
                / ELK - Remote clusters example.md
            
            

              Last active
              March 24, 2023 19:03
            

          

        

      

        

  

      

    
ELK - Remote clusters example


How to setup an Elasticsearch remote clusters lab.


Docker compose


Notes:


    

  • Adapt the volumes definition
    • 

  • Run with docker-compose up
    • 




  


  




    


          
    

      

        
        

          

              @jpclipffel
          

          

            
                jpclipffel
                / Ansible - Helm management.md
            
            

              Created
              July 21, 2020 09:21
            

              
                Manage Helm with Ansible
              
          

        

      

        

  

      

    
Ansible - Helm management


Get releases list


- name: Get all Helm releases
  shell: >
    helm list -o yaml
  register: _helm_releases



  


  




    


          
    

      

        
        

          

              @jpclipffel
          

          

            
                jpclipffel
                / appstore.py
            
            

              Created
              August 21, 2020 11:25
            

              
                A simple App Store scrapper example
              
          

        

      

        

  

    
    


        



  


  

        

          
          import sys
        

        

          
          import requests
        

        

          
          from lxml import etree
        

        

          
          

        

        

          
          

        

        

          
          def get_app_info(app_id, app_name, country='lu', lang='fr-fr'):
        

        

          
              '''Fetches an application page and returns a set of contextual information.
        

        

          
          

        

        

          
              :param str app_id:      Application ID
        

        

          
              :param str app_name:    Application name
        

  





    


  




    


          
    

      

        
        

          

              @jpclipffel
          

          

            
                jpclipffel
                / delete_stale_pvc.sh
            
            

              Last active
              February 4, 2021 15:31
            

              
                Delete stale PVC
              
          

        

      

        

  

    
    


        



  


  

        

          
          for pvc in $(kubectl get pvc | tail -n+2 | awk '{print $1}'); do
        

        

          
            kubectl patch pvc ${pvc} -p '{"metadata":{"finalizers": []}}' --type=merge
        

        

          
            kubectl delete pvc ${pvc}
        

        

          
          done