ytensor42

# Command line Encrypt & Decrypt

## Encrypt
TEXT_TO_ENCRYPT="secret text that I want to encrypt"
KMS_KEY_ID="kms key id, can get it by aws kms list-keys"

# stdout
$ aws kms encrypt --key-id $KMS_KEY_ID --plaintext $TEXT_TO_ENCRYPT --output text --query CiphertextBlob
AQICA....
.....dA==

ytensor42

// X-Slack-Signature check (next to token check)
// added protection to slack token
// it calculates body hash to compare signature in slack header

const qs = require('querystring');
const crypto = require('crypto');

function SlackSginature( event, callback ) {
    const params = qs.parse( event.body );

ytensor42

Sysvinit                          Systemd
================================= ===================================================================
service frobozz start             systemctl start frobozz
service frobozz stop              systemctl stop frobozz
service frobozz restart           systemctl restart frobozz
service frobozz reload	           systemctl reload frobozz
service frobozz condrestart       systemctl condrestart frobozz
service frobozz status	           systemctl status frobozz
ls /etc/rc.d/init.d/              systemctl
                                  systemctl list-unit-files --type=service

ytensor42

#!/bin/bash -eo pipefail

## Allows for creation of "Basic" DNS records in a Route53 hosted zone

function main() {
	record_name=$1
	record_value=$2

	[[ -z $record_name  ]] && echo "record_name is: $record_name" && exit 1
	[[ -z $record_value ]] && echo "record_value is: $record_value" && exit 1

ytensor42

# Hostname
hostnamectl set-hostname <hostname here>
systemctl reboot


# Timezone
timedatectl list-timezones
timedatectl set-timezone America/Los_Angeles

ytensor42

# self signed cert

openssl req -subj '/C=US/ST=California/L=San Francisco/O=Company Name/OU=Org/CN=app.example.com' \
            -x509 -days 3650 -batch -nodes -newkey rsa:4096 -sha256 -keyout example.key -out example.crt

cp -p example.key /etc/pki/tls/private/
cp -p example.crt /etc/pki/tls/certs/

cat example.crt example.key > example_cert.pem

ytensor42

input {
  file {
    path => "/path/to/tomcat/logs/localhost_access_log*.txt"
  }
}

filter {
  grok {
    match => {
      "message" => "%{COMBINEDAPACHELOG} %{IPORHOST:serverip} %{NUMBER:serverport} %{NUMBER:elapsed_millis} %{NOTSPACE:sessionid} %{QS:proxiedip} %{QS:loginame}"

ytensor42

# grep -A5 Valve $TOMCAT/conf/server.xml

Patterns for the logged message may include constant text or any of the following replacement strings, for which the corresponding information from the specified Response is substituted:

%a - Remote IP address
%A - Local IP address
%b - Bytes sent, excluding HTTP headers, or '-' if no bytes were sent
%B - Bytes sent, excluding HTTP headers
%h - Remote host name (or IP address if enableLookups for the connector is false)
%H - Request protocol

ytensor42

# https://github.com/logstash-plugins/logstash-patterns-core/blob/master/patterns/grok-patterns
# test: http://grokdebug.herokuapp.com

USERNAME [a-zA-Z0-9._-]+
USER %{USERNAME}
EMAILLOCALPART [a-zA-Z][a-zA-Z0-9_.+-=:]+
EMAILADDRESS %{EMAILLOCALPART}@%{HOSTNAME}
INT (?:[+-]?(?:[0-9]+))
BASE10NUM (?<![0-9.+-])(?>[+-]?(?:(?:[0-9]+(?:\.[0-9]+)?)|(?:\.[0-9]+)))
NUMBER (?:%{BASE10NUM})

ytensor42

- https://codewithintent.com/how-to-authenticate-users-with-tokens-using-cognito/

* Getting the tokens on login

const authenticationData = {
  Username: user.email,
  Password: user.password,
};
const authenticationDetails = new AuthenticationDetails(authenticationData);
const userData = {