I hereby claim:
- I am lowell80 on github.
- I am lowell87 (https://keybase.io/lowell87) on keybase.
- I have a public key ASBFkf6XfGJ2a3ZzJva85-aU9FTkZjkRHYXKSpgfeS0WYwo
To claim this, I am signing this object:
Lowell Alleman lowell80
lowell80
/ keybase.md
Last active
May 29, 2020 00:16
lowell80
/ fix_checkpoints.py
Last active
October 12, 2018 01:13
Repair checkpoint (.ckpt) files for various Splunk TAs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| """ | |
| Helps to recover corrupted .ckpt files created by Splunks 'splunksdc' module used by various TA's. | |
| (I think it ships with the TA add onbuilder, but not 100% sure of that.) | |
| Requires the 'umsgpack' 3rd party module | |
| Usage: | |
| python fix_checkpoint.py |
lowell80
/ cidr2regex.py
Last active
November 22, 2023 16:28
— forked from waffle2k/cidr2regex.py
Splunk deployment based on CIDR
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| ''' Splunk deployment based on CIDR | |
| Splunk's deployment server does not support CIDR based matching out of the box, | |
| but they do support PCRE regex matching. I found this script online and | |
| modified it slightly to match Splunk's specific regex variation. (Basically, | |
| Splunk uses standards PCRE but replace the meaning of "." and "*" to act more | |
| like traditional glob strings.) The values returned by this script can be | |
| used in the serverclass.conf for either whitelist.<n> or blacklist.<n> values. | |
| See the Splunk docs for more details. |