Skip to content

Instantly share code, notes, and snippets.

View xrl's full-sized avatar

Xavier Lange xrl

89 followers · 32 following
View GitHub Profile
@xrl
xrl / rust-nightly-setup.sh
Last active August 29, 2015 14:26
Set up rustc/cargo toolchain on scaleway C1 ARMv7 server instance
apt-get update
apt-get upgrade -y
apt-get install -y aptitude vim git libssl-dev build-essential
mkdir ~/rust-temp-dir
cd ~/rust-temp-dir
# Rust 1.1.0
# export CARGO_URL="https://www.dropbox.com/sh/qfbt03ys2qkhsxs/AAACKdu99RNndY8AjA15pZlIa/1.1.0/cargo-2015-05-14-a483581-arm-unknown-linux-gnueabihf-65bc529734a332b57b4bcf3d7c32e7f6aa4d449f.tar.gz?dl=0"
# export RUST_URL="https://www.dropbox.com/sh/qfbt03ys2qkhsxs/AAANQ7TuyVUtA09TfFyR-s7aa/1.1.0/rust-2015-06-19-35ceea3-arm-unknown-linux-gnueabihf-1d459e0987537a1f2ecc1c5bd594d2e776f88927.tar.gz?dl=0"
@xrl
xrl / bas64_decode.go
Created August 24, 2015 22:36
Go example code for flexible decoding of unpadded URL encoded base64 and std encoding
package main
import "fmt"
import "encoding/base64"
import "bytes"
var suspiciousBase64 = []byte(`OSEeu8fWTcq+AliFG3PlZ0eYR8zFWWAdkCwb3XbPE96wvAsiF1W6v2Udg5KoDe7M2d0oQMmpoNeC
ZQWRMBHarz5vHzfTSXXCjvoLfZJVA1FLiJ9RYk8ulFyEJF19nxd2GLArnWjiqsP9RslhFB3BvYnZ
O9IsuyRqWKpa1nl5B68=`)
@xrl
xrl / failure.log
Created September 4, 2015 20:32
A plugin had an unrecoverable error. Will restart this plugin.
Plugin: <LogStash::Inputs::Elasticsearch hosts=>["elk01.phx1.viasatcloud.com"], port=>9200, index=>"misc-2015.08.3*", query=>"syslogtag:Juniper AND FOUO", debug=>false, codec=><LogStash::Codecs::JSON charset=>"UTF-8">, scan=>true, size=>1000, scroll=>"1m", docinfo=>false, docinfo_target=>"@metadata", docinfo_fields=>["_index", "_type", "_id"], ssl=>false>
Error: [400] {"error":"SearchPhaseExecutionException[Failed to execute phase [init_scan], all shards failed; shardFailures {[NxePVEcrTdSj2dvUDxd2Dw][misc-2015.08.30][0]: RemoteTransportException[[xle-elasticsearch-20][inet[/10.69.8.84:9300]][indices:data/read/search[phase/scan]]]; nested: SearchParseException[[misc-2015.08.30][0]: from[-1],size[-1]: Parse Failure [Failed to parse source [_na_]]]; nested: ElasticsearchParseException[Failed to derive xcontent from org.elasticsearch.common.bytes.BytesArray@37efd96d]; }{[ikvUCHa3Qv-hfS_e7s8bUw][misc-2015.08.31][0]: RemoteTransportException[[xle-e
@xrl
xrl / duo_auth_minimal_python.py
Created September 22, 2015 21:29
The duo API documentation gives a snippet for generating headers but does not give a full example, here's one that works (and hopefully gets indexed by google)
import base64, email, hmac, hashlib, urllib
import httplib, logging
logging.basicConfig()
logging.getLogger().setLevel(logging.DEBUG)
requests_log = logging.getLogger("requests.packages.urllib3")
requests_log.setLevel(logging.DEBUG)
requests_log.propagate = True
@xrl
xrl / basic_udp_multicast_send.go
Created October 8, 2015 00:31
for _,maddr := range maddrs {
scamp.Trace.Printf("maddr: `%s`", maddr)
}
udpAddr, err := net.ResolveUDPAddr("udp", multicastSpec)
if err != nil {
scamp.Trace.Printf("error resolving UDP address: `%s`", udpAddr)
}
multicastConn, err := net.DialUDP("udp", nil, udpAddr)
@xrl
xrl / gist:d1d7ba9dd85dd965cd58
Last active October 13, 2015 23:46
#cloud-config
users:
- name: "core"
groups:
- "sudo"
- "docker"
- "wheel"
- "systemd-journal"
- "portage"
@xrl
xrl / hekad-snippet.toml
Last active October 15, 2015 00:01
[ScampInput]
Name = "logging"
Listen = "0.0.0.0:30100"
[ScampInput.handler.0]
Action = "Logger.info"
Type = "Logger"
Decoder = "ACoolPayloadDecoder"
Severity = 1
[ScampInput.handler.1]
Action = "Logger.log"
@xrl
xrl / diff.rb
Created October 27, 2015 21:55
Poor man's diff utility
require 'pp'
here = Dir.glob("logstash/conf.d/*")
there = Dir.glob("../cookbooks/cookbooks/forwarder/templates/default/elasticsearch/*.erb")
pp here.collect{|h| h = h.split("/").last; match = there.select{|t| t.include?(h); }; [h,match] }.collect{|h,t| "diff logstash/conf.d/#{h} #{t.first}"}.each{|x| puts x; system(x)}; nil
@xrl
xrl / decoder.lua
Created December 21, 2015 18:49
local cjson = require('cjson')
local fields = {
Type = "cisco",
Timestamp = nil,
Payload = "to be filled in...",
Logger = "logstreamer"
}
function process_message()
@xrl
xrl / bad_logstreamer
Created December 28, 2015 22:41
[LogstreamerInput]
log_directory = "/mnt/syslog-archive/all"
file_match = 'cisco-(?P<Year>\d+).(?P<Month>\d+).(?P<Day>\d+).log' # works
#file_match = 'cisco-2015.09.(?P<Day>\d+).log' # doesn't work
priority = ["Year", "Month", "Day"]
decoder = "MyCiscoDecoder"