mediawiki | debugging
Set $wgDebugLogFile in DefaultSettings.php
Tag: log
Squid | print log file with human readable timestamps
perl -pe ‘s/\d+/localtime($&)/e’ /var/log/squid/access.log
SELKS | suricata | Nagios monitoring
You wanna monitor suricata via nagios? On Suricata machine do: 1. Create a pipe and set permissions. # mknod -m 666 /var/pipes/suricata.pipe p 2. Let suricata write the fast log to this pipe tuning the /etc/suricata/selks[VERSION]-addin.yaml: outputs: # a line based alerts log similar to Snort’s fast.log – fast: enabled: yes filename: /var/pipes/suricata.pipe append: yes […]
SELKS | suricata | Scirius | Elasticsearch | Hints
1. Manual update SELKS performs a daily suricata update (via /etc/crontab). To execute it manually call as www-data (!!!) NEVER RUN AS ROOT!!! # /bin/sh -c /bin/bash ‘cd /usr/share/python/scirius/ && . bin/activate && python bin/manage.py updatesuricata && deactivate’ www-data 2. fast.log rotation You MUST restart suricata to create a functional fast.log after logrotate. SIGHUP and/or […]
OpenBSD | SFTP with Logging and public key authentication
Some hints /example: * Add a group sftpgroup: sftpgroup:*:1001: * Add a user sftpuser1. * Add a home directory for this user, it’s the sftp data directory. Here we use /data/sftp/sftpuser1 * Chown this directory to drwxr-x— 4 root sftpgroup 512 Jan 5 12:53 sftpuser1 * Tune this user, always (!) use vipw, otherwise your […]
Parse Apache | Icecast logs
gawk ‘BEGIN { FPAT=”([^ ]+)|(\”[^\”]+\”)|(\\[[^\\]]+\\])” } { print $9 }’
Microsoft | WSUS – Clearing the syncronization history
Loading the syncro history in wsus mmc is very slow and can lead to a timeout [request for server node reset]. In this case delete old history entries: * Start the SQL server management studio * —> Databases —> SUSDB —> right click —> New query USE SUSDB GO DELETE FROM tbEventInstance WHERE EventNamespaceID = […]
Microsoft | WSUS – You should know
Running WSUS using the microsoft sql server express edition [ssee] is pain in the ass. It’s simply too slow. The mmc will run into timeout. Use the more powerful microsoft sql server instead. The first syncronization eats a lot of time. Unfortunately this syncro generates such a huge pile of database data. This results in […]
OpenVPN | log connection status
First method: Add the following lines to servers conf: status /var/log/status.log 5 status-version 2 Second method: Add the following lines to servers conf: client-connect /path/to/your/connect_script.sh client-disconnect /path/to/your/disconnect_script.sh Start your server with ‘–script-security 2’ The scripts must be owned by the same user running the server. If your scripts are writing log files, check the log […]
bytes and bones 