Sergio Rodriguez rodriguezsergio
theprogrammerin
/ slowquery_logger.sh
Created
November 26, 2014 09:31
Bash script to fetch the log for that hour from Amazon RDS and push it to ElasticSearch / Kibana
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # | |
| # Ashutosh Agrawal | |
| # http://blog.theprogrammer.in | |
| # | |
| # | |
| # This bash script simply fetches the log for that hour from Amazon RDS, | |
| # parse and genarlise it using mysql_slow_log_parser (https://gist.github.com/theprogrammerin/e3206a4ec7a7a4086ac2) | |
| # and then push the parsed log to elastic search using logstash (slowquery.conf)(https://gist.github.com/theprogrammerin/034a3efd849112d166ea) | |
| # For analysis on analytic tool like kibana. |
theprogrammerin
/ slowquery.conf
Last active
March 9, 2020 08:48
This is logstash configuration file to parse and push the generalised slow query log generated from [https://gist.github.com/theprogrammerin/e3206a4ec7a7a4086ac2] .
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # | |
| # | |
| # Ashutosh Agrawal | |
| # http://blog.theprogrammer.in | |
| # | |
| # 2014-11-20 v1.0 | |
| # | |
| # This is logstash [http://logstash.net/] config for parsing the data out of the | |
| # modified slow query generated from | |
| # https://gist.github.com/theprogrammerin/e3206a4ec7a7a4086ac2 |
theprogrammerin
/ mysql_slow_log_parser
Last active
May 2, 2019 14:37
Mysql slow query [file] log parser. It combines multi line log into a single line. Also adds a generalised query be replacing query data with 'XXX' which can then be used to identify the slow query pattern.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/perl | |
| # | |
| # Ashutosh Agrawal | |
| # http://blog.theprogrammer.in | |
| # | |
| # 2014-11-20 v1.0 | |
| # | |
| # This script is modified version of SQL parser written by | |
| # | |
| # Nathanial Hendler |
xbeta
/ 00-set-authorization.groovy
Created
November 25, 2014 23:38
put them in $JENKINS_HOME/init.groovy.d/
yusufhm
/ logstash-ossec-alerts.conf
Last active
May 22, 2017 16:54
Logstash configuration for reading OSSEC alerts files and send to Elasticsearch (credits to https://mig5.net)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| input { | |
| file { | |
| type => "ossec" | |
| path => "/var/ossec/logs/alerts/alerts.log" | |
| sincedb_path => "/opt/logstash/" | |
| codec => multiline { | |
| pattern => "^\*\*" | |
| negate => true | |
| what => "previous" | |
| } |
takeshixx
/ hb-test.py
Last active
April 14, 2025 17:04
OpenSSL heartbeat PoC with STARTTLS support.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python2 | |
| """ | |
| Author: takeshix <[email protected]> | |
| PoC code for CVE-2014-0160. Original PoC by Jared Stafford ([email protected]). | |
| Supportes all versions of TLS and has STARTTLS support for SMTP,POP3,IMAP,FTP and XMPP. | |
| """ | |
| import sys,struct,socket | |
| from argparse import ArgumentParser |
OnlyInAmerica
/ find_iam_user.py
Created
April 3, 2014 22:52
Find an AWS IAM user corresponding to an AWS Access Key
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Find the IAM username belonging to the TARGET_ACCESS_KEY | |
| # Useful for finding IAM user corresponding to a compromised AWS credential | |
| # Requirements: | |
| # | |
| # Environmental variables: | |
| # AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY | |
| # python: | |
| # boto |
comerford
/ killLongRunningOps.js
Last active
September 13, 2024 08:16
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // kills long running ops in MongoDB (taking seconds as an arg to define "long") | |
| // attempts to be a bit safer than killing all by excluding replication related operations | |
| // and only targeting queries as opposed to commands etc. | |
| killLongRunningOps = function(maxSecsRunning) { | |
| currOp = db.currentOp(); | |
| for (oper in currOp.inprog) { | |
| op = currOp.inprog[oper-0]; | |
| if (op.secs_running > maxSecsRunning && op.op == "query" && !op.ns.startsWith("local")) { | |
| print("Killing opId: " + op.opid |
plentz
/ nginx.conf
Last active
June 25, 2025 06:48
Best nginx configuration for improved security(and performance)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # to generate your dhparam.pem file, run in the terminal | |
| openssl dhparam -out /etc/nginx/ssl/dhparam.pem 2048 |