The Grok plugin is one of the more cooler plugins. It enables you to parse unstructured log data into something structured and queryable. Grok is looking for patterns in the data it’s receiving, so we have to configure it to identify the patterns that interest us. Grok comes with some built in patterns. The pattern we are using in this case is %{COMBINEDAPACHELOG}which can be used when Logstash is receiving log data from Apache HTTP.
input {
beats {
port => "5044"
}
}
| ==================================================================== | |
| HOW TO INSTALL FROM CODE/INSTALLING GIT FROM SOURCE: | |
| ==================================================================== | |
| Step 1 – Prerequsities: | |
| ---------------------- | |
| $ yum install curl-devel expat-devel gettext-devel openssl-devel zlib-devel | |
| $ yum install gcc perl-ExtUtils-MakeMake | |
| Step 2 – Install Git on CentOS: |
| Reload .bashrc without logging out and back in: | |
| ============================================== | |
| Two ways to do this: | |
| 1- source ~/.bashrc (or . ~/.bashrc) | |
| 2 - exec bash | |
| With this, you won't even have to type "source ~/.bashrc": | |
| Include your bashrc file: |
| Creating a .pem File for SSL Certificate Installations | |
| SSL .pem files (concatenated certificate container files), are frequently required for certificate installations when multiple certificates are being imported as one file. | |
| This article contains multiple sets of instructions that walk through various .pem file creation scenarios. | |
| Creating a .pem with the Entire SSL Certificate Trust Chain | |
| Log into your DigiCert Management Console and download your Intermediate (DigiCertCA.crt), Root (TrustedRoot.crt), and Primary Certificates (your_domain_name.crt). | |
| Open a text editor (such as wordpad) and paste the entire body of each certificate into one text file in the following order: |
| #get name of container(s) | |
| docker ps | |
| #or docker-compose ps | |
| docker inspect --format="{{.Id}}" nameofcontainer |
| Centralized log management on Centos7: | |
| Two Linux servers ( server @ ip 192.168.0.105 and client @ ip 192.168.0.104). | |
| Server setup (Assuming rsyslog package is installed): | |
| [root@server ~]# vi /etc/rsyslog.conf # Provides UDP syslog reception$ModLoad imudp$UDPServerRun 514 # Provides TCP syslog reception$ModLoad imtcp$InputTCPServerRun 514 [root@server ~]# service rsyslog restart Verify the syslog server listening. | |
| [root@server ~]# netstat -antup | grep 514 tcp 0 0 0.0.0.0:514 0.0.0.0:* LISTEN 8081/rsyslogdtcp 0 0 :::514 :::* LISTEN 8081/rsyslogdudp 0 0 0.0.0.0:514 0.0.0.0:* 8081/rsyslogdudp 0 0 :::514 :::* 8081/rsyslogd | |
| Client setup: | |
| [root@client ~]# vi /etc/rsyslog.conf At the end of file place the following line to point the client message log to the server | |
| *.info;mail.non |
| Docker, Ansible, Vagrant, and Docker Swarm: | |
| DevOps-lab: | |
| http://searchitoperations.techtarget.com/feature/DevOps-lab-Learn-Ansible-to-pick-up-configuration-management-concepts | |
| http://searchitoperations.techtarget.com/feature/Learn-DevOps-techniques-and-tools-in-this-home-lab-setup | |
| http://searchitoperations.techtarget.com/feature/DevOps-lab-How-to-use-Docker-swarm-mode-to-run-containers-in-VMs | |
| Using Vagrant to Deploy Multiple VMs on vSphere: | |
| http://buildvirtual.net/using-vagrant-to-deploy-multiple-vms-on-vsphere/ |
| import os | |
| import re | |
| import sys | |
| import time | |
| from json import load, dumps | |
| from urllib2 import Request, urlopen | |
| from urllib import urlencode | |
| from xml.etree.ElementTree import Element, SubElement, tostring, ElementTree | |
| import xml.dom.minidom as minidom |