@tuantm8
tuantm8 / gist:99b1faca3602d771d41fa7d411d569e5
Created September 19, 2024 03:50 — forked from inodee/gist:3bb01bdf4f8e7f7e4b30347403b67427
Builds a Concurrency Table of Minute x Hour to be later displayed as a Heatmap using table's overlay
index=_internal sourcetype=scheduler search_type="scheduled" scheduled_time=* savedsearch_name=*rule scheduler rule earliest=-24h@h latest=@h
| eventstats count by savedsearch_name
| where count>=23
| eval H=strftime(scheduled_time, "%-H")
| eval M=strftime(scheduled_time, "%-M")
| chart limit=24 count over M by H
| table M 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23

Rating System:

| 😑 - Awful | 😠 - Bad | 😐 - Fine | 😃 - Good | 😁 - Exceptional |

---------------------------------------------------------------------------------------------------------------

books listed in chronological order from last read to first read

  • 😃 - Surveillance Valley - Yasha Levine
  • 😃 - The Ransomware Hunting Team - Renee Dudley and Daniel Golden
  • 😠 - CRACK99 - David Locke Hall
  • 😃 - The Spy Who Couldn't Spell - Yudhijit Bhattacharjee
  • 😐 - The Fifth Domain - Richard A. Clarke, Robert K. Knake
  • 😁 - Fancy Bear Goes Phishing: The Dark History of the Information Age, in Five Extraordinary Hacks - Scott J. Shapiro
@tuantm8
tuantm8 / windows event logs cheat sheet
Created April 20, 2024 09:42 — forked from githubfoam/windows event logs cheat sheet
windows event logs cheat sheet
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
# PS : ChatGPT makes mistakes, consider "trust but verify" principle
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
#Events to Monitor
https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/plan/appendix-l--events-to-monitor
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
#run
eventvwr.msc (Event Viewer)
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Event Viewer (Local) > Windows Logs (shutdown / restart)
@tuantm8
tuantm8 / EventLogSearcher.cs
Created March 6, 2024 09:50 — forked from benpturner/EventLogSearcher.cs
Threaded EventLogSearcher for 4624 events
using System;
using System.Collections.Generic;
using System.Diagnostics.Eventing.Reader;
using System.Text.RegularExpressions;
using System.Threading;
namespace EventLogSearcher
{
class Program
{
@tuantm8
tuantm8 / rules-both.iptables
Created September 25, 2017 10:35 — forked from jirutka/rules-both.iptables
Basic iptables template for ordinary servers (both IPv4 and IPv6)
###############################################################################
# The MIT License
#
# Copyright 2012-2014 Jakub Jirutka <jakub@jirutka.cz>.
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to deal
# in the Software without restriction, including without limitation the rights
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
# copies of the Software, and to permit persons to whom the Software is
@tuantm8
tuantm8 / Security Onion installation
Created August 9, 2017 10:08 — forked from cleesmith/Security Onion installation
Security Onion installation in a virtualbox
Security Onion
Aug 2014:
... my purpose for installing this was to:
- learn more about security stuff
- steal the packet captures (pcap) provided so I can replay them using tcpreplay for snort testing, as it's not so sexy to just test using ICMP ping data or local rules that match anything
see:
http://blog.securityonion.net/

Recommended Reading List for Developers 1st Half 2014

The Recommended Reading List is a valuable resource for technical professionals who want to thoroughly explore topics such as multi-core programming, embedded, security, and more. Dozens of industry technologists, corporate fellows, and engineers have helped by suggesting books and reviewing the list.

Books For Hardware Developers

Power and Thermal Management

  • Power Management in Mobile Devices - Findlay Shearer - Newnes - 9780750679589
  • Thermal and Power Management of Integrated Circuits - Arman Vassighi, Manoj Sachdev - Springer - 9781441938329