```
# Snort parsing
filter {
  if "snort" in [tags] {
    if "PFSense" in [tags] {
      grok {
        match => [
          "orig_message", "snort\[%{INT:snort_pid}\]\:.*\[%{INT:ids_gid}\:%{INT:ids_sid}\:%{INT:ids_rev}\].%{GREEDYDATA:ids_alert}.\[Classification\: %{DATA:ids_classification}\].*\[Priority\: %{INT:ids_priority}].*{%{WORD:ids_proto}}.*%{IP:src_ip}:%{INT:src_port} \-\>.*%{IP:dst_ip}:%{INT:dst_port}",
          "orig_message", "snort\[%{INT:snort_pid}\]\:.*\[%{INT:ids_gid}\:%{INT:ids_sid}\:%{INT:ids_rev}\].%{GREEDYDATA:ids_alert}.\[Classification\: %{DATA:ids_classification}\].*\[Priority\: %{INT:ids_priority}].*\{PROTO:%{WORD:ids_proto}.*%{IP:src_ip} \-\>.*%{IP:dst_ip}"
        ]
      }
```
```yaml
---
- hosts: 127.0.0.1
  gather_facts: false
  connection: local
  user: remote
  sudo: true
  vars_prompt:
    - name: "vcenter_hostname"
      prompt: "Enter vcenter hostname"
```
```yaml
---
- hosts: db-vms # set to specific inventory host group or set to all for every host in inventory for play
  vars:
    config_lvm: false # must be set to true in order to execute any tasks in play (failsafe option :)- )
    create: false # set to true if creating a new logical volume (do not set extend or resize to true)
    resize: false # set to true if resizing the logical volume (do not set create to true)
    extend: false # set to true if extending the logical volume (do not set create to true)
    current_disk: '/dev/sda5' # set to your current disk device already setup in lvm
    new_disk: '/dev/sdb' # set to new disk being added to volume group
    new_mntp: '/var/lib/mysql' # set to the desired mount
```
```ini
ans-test-db02 ansible_ssh_host=10.0.110.144 ansible_ssh_private_key_file=.ssh/home
ans-test-web03 ansible_ssh_host=10.0.110.130 ansible_ssh_private_key_file=.ssh/home
ans-test-web02 ansible_ssh_host=10.0.110.222 ansible_ssh_private_key_file=.ssh/home
ans-test-web01 ansible_ssh_host=10.0.110.193 ansible_ssh_private_key_file=.ssh/home
ans-test-db01 ansible_ssh_host=10.0.110.195 ansible_ssh_private_key_file=.ssh/home
ans-test-lb01 ansible_ssh_host=10.0.110.177 ansible_ssh_private_key_file=.ssh/home
ans-test-lb02 ansible_ssh_host=10.0.110.156 ansible_ssh_private_key_file=.ssh/home
ans-test-gs01 ansible_ssh_host=10.0.110.132 ansible_ssh_private_key_file=.ssh/home
ans-test-gs03 ansible_ssh_host=10.0.110.129 ansible_ssh_private_key_file=.ssh/home
ans-test-gs02 ansible_ssh_host=10.0.110.131 ansible_ssh_private_key_file=.ssh/home
```
```yaml
---
- hosts: all
  sudo: yes
  # remote_user: home
  roles:
    - disable-firewall
    # - enable-firewall
    - { role: base, enable_cacti_monitoring: false }
    - zabbix-agent
    # - domain-join
```
```yaml
---
- name: config_lvm | install | installing pre-reqs
  apt: name={{ item }} state=present
  with_items:
    - python-software-properties
    - xfsprogs
    - lvm2
  when: config_lvm and ansible_os_family == "Debian"
- name: config_lvm | install | installing lvm2
```
```yaml
---
- name: debian | install | installing pre-reqs
  apt: name={{ item }} state=present
  with_items:
    - python-software-properties
    - xfsprogs
- name: debian | config | adding glusterfs apt repo key
  apt_key: keyserver=keyserver.ubuntu.com id=F7C73FCC930AC9F83B387A5613E01B7B3FE869A9 state=present
```
```yaml
---
- hosts: gs-vms
  tasks:
    - name: Start GlusterFS
      service: name=glusterfs-server state=started enabled=true
    - name: connect gluster peers
      command: gluster peer probe {{ item }}
      register: gluster_peer_probe
      changed_when: "'already in peer list' not in gluster_peer_probe.stdout"
```
```yaml
---
# Tenants
config_tenants: true
# Firewall
enable_firewall: 'true' # set to true to enable firewall services
nat_masquerade: 'false'
# Zabbix Monitoring
enable_zabbix_agent: 'true'
```
```
# Microsoft IIS logging....Use NXLOG for client side logging
filter {
  if [type] == "iis" {
    if [message] =~ "^#" {
      drop {}
    }
    grok {
      match => [
        "message", "%{TIMESTAMP_ISO8601:logtime} %{IPORHOST:hostname} %{URIPROTO:cs_method} %{URIPATH:cs_stem} (?:%{NOTSPACE:cs_query}|-) %{NUMBER:src_port} %{NOTSPACE:cs_username} %{IP:clientip} %{NOTSPACE:cs_useragent} %{NUMBER:sc_status} %{NUMBER:sc_subresponse} %{NUMBER:sc_win32_status} %{NUMBER:timetaken}",
        "message", "%{TIMESTAMP_ISO8601:logtime} %{IPORHOST:hostname} %{URIPROTO:cs_method} %{URIPATH:cs_stem} (?:%{NOTSPACE:cs_query}|-) %{NUMBER:src_port} %{NOTSPACE:cs_username} %{IP:clientip} %{NOTSPACE:cs_useragent} %{NOTSPACE:cs_referrer} %{NUMBER:sc_status} %{NUMBER:sc_subresponse} %{NUMBER:sc_win32_status} %{NUMBER:timetaken}"
```