mcm

/*
  For use with KubeJS. Allows for filling jetpacks and tanks via Spouts in Create.
  Also depends on PowerfulJS.
  
  Save this as a startup_script in your KubeJS directory.
  
  Capacity is mapped in a way that is equivalent to manual filling, e.g. each bucket
  fills by 100.0 "units", so a small tank requires 8 buckets to fill, and a large
  tank requires 32 buckets to fill.
  

mcm

def extract_regex(input_text=None, regex=None, **kwargs):
    """
    Args:
        input_text
        regex
    
    Returns a JSON-serializable object that implements the configured data paths:
        groups
        groupdict.*
    """

mcm

| rest splunk_server=local /services/alerts/suppressions | table title author search disabled description updated
| rex field=search max_match=100 "\s(?!source)(?P<fields>(\w+))(=|>|<)"
| stats values(fields) as fields by title author search disabled description updated
| rex field=search max_match=2 "_time(\<|\>|\=).(?P<time_fields>.[^\s]+)"
| rex field=search max_match=2 "_time(?P<time_comparators>.[^\d+]*)"
| eval multi_times=if(mvcount(time_fields) > 1, "True", "False")
| eval start_time=mvindex(time_fields, 0)
| eval end_time=mvindex(time_fields, 1)
| fillnull start_time, end_time value="0"
| fillnull time_comparators value="-"

mcm

This app is based on the alert_webhook app included by Splunk, and is subject to all applicable license terms therein.
All modifications made to that app by Hurricane Labs in the creation of this app, as of 13 May 2020, are licensed
under the MIT license as included below. Unless otherwise noted, all future modifications made by Hurricane Labs are
also licensed under the same license terms. The most recent diff showing changes made by Hurricane Labs can be found at:

https://gist.github.com/mcm/fcbb9bd0e0c366626bd16f3495ecaf85


Portions Copyright (c) 2020 Hurricane Labs

mcm

import argparse
import getpass

import splunk.entity as entity
import splunk.auth

ap = argparse.ArgumentParser()
ap.add_argument("--username", required=True)
ap.add_argument("--password", required=False)
ap.add_argument("--app")

mcm

[multi]
machinery = xenserver,physical

mcm

import http.cookiejar
import io

import boto3
import botocore


class S3CookieJar(http.cookiejar.LWPCookieJar):
    bucket = None
    filename = None

mcm

**Only really tested on Ubuntu 16.04**

Requirements:
* Two Linux systems (one to send traffic, one to receive)
* Network connectivity over UDP 4789

Sender Setup
* Install daemonlogger (sudo apt install daemonlogger)
* Save systemd service config as /etc/systemd/system/[email protected] (replace X.X.X.X with IP of receiver)
* Reload systemd (sudo systemctl daemon-reload)

mcm

################################################################################
# Domain Blacklist Rules: https://ransomwaretracker.abuse.ch/downloads/RW_DOMBL.txt
################################################################################
################################################################################
# URL Blacklist Rules: https://ransomwaretracker.abuse.ch/downloads/RW_URLBL.txt
################################################################################

mcm

#!/usr/sbin/nft -f
flush ruleset
add table inet filter
add chain inet filter input { type filter hook input priority 0 ; policy accept ; }
add chain inet filter output { type filter hook output priority 0 ; policy accept ; }
add chain inet filter forward { type filter hook forward priority 0 ; policy accept ; }
add chain inet filter floating
add chain inet filter wan
add chain inet filter vlan2
add chain inet filter vlan15