Skip to content

Instantly share code, notes, and snippets.

@lowell80
lowell80 / cidr2regex.py
Last active November 22, 2023 16:28 — forked from waffle2k/cidr2regex.py
Splunk deployment based on CIDR
#!/usr/bin/env python
''' Splunk deployment based on CIDR
Splunk's deployment server does not support CIDR based matching out of the box,
but they do support PCRE regex matching. I found this script online and
modified it slightly to match Splunk's specific regex variation. (Basically,
Splunk uses standards PCRE but replace the meaning of "." and "*" to act more
like traditional glob strings.) The values returned by this script can be
used in the serverclass.conf for either whitelist.<n> or blacklist.<n> values.
See the Splunk docs for more details.
@lowell80
lowell80 / fix_checkpoints.py
Last active October 12, 2018 01:13
Repair checkpoint (.ckpt) files for various Splunk TAs
"""
Helps to recover corrupted .ckpt files created by Splunks 'splunksdc' module used by various TA's.
(I think it ships with the TA add onbuilder, but not 100% sure of that.)
Requires the 'umsgpack' 3rd party module
Usage:
python fix_checkpoint.py

Keybase proof

I hereby claim:

  • I am lowell80 on github.
  • I am lowell87 (https://keybase.io/lowell87) on keybase.
  • I have a public key ASBFkf6XfGJ2a3ZzJva85-aU9FTkZjkRHYXKSpgfeS0WYwo

To claim this, I am signing this object: