BRO and Fortinet Content Packs on Graylog Marketplace
Content Packs for Graylog Lately, I have been working with Graylog a lot, so I decided to update a few items on GitHub and update their entries on the Graylog marketplace website. BRO content pack for Graylog The BRO IDS content pack contains pipeline rules, a stream, a dashboard displaying interesting activity, and a syslog […]
Replace rsync with lftp for remote file copies on Linux
Rsync is an awesome tool that I have used extensively. However, I think it is time to explore other tools that can replace some of what rsync has been doing for so many years. I’m not saying that you should never use rsync. What I am saying is there are other options and in some […]
Patching a Standalone ESXi host using the shell
Overview As with any system running software, you are going to have to apply patches to it at some point, and VMware is no different. VMware recommends customers install all security patches to maximize the protection that VMware provides. For a list of all security patches, you can go here https://my.vmware.com/group/vmware/patch#search. Log in with your myvmware […]
RedHat Subscription Management
Subscription Management using subscription-manager Register a System subscription-manager register --username <username> --password <password> --auto-attach Disable managed yum repositories subscription-manager config --rhsm.manage_repos=0 Enable a specific channel subscription-manager repos --enable rhel-6-server-optional-rpms Sync RHN Profile rhn-profile-sync From https://access.redhat.com/solutions/253273
Upgrading salt-minion on Windows using Salt
Upgrading the Salt Minion For installation, follow the instructions on the saltstack website Upgrade the Windows salt-minion Log in to the salt-master server and cd to the files directory cd /srv/salt/server-base/file Download the latest version from the SaltStack Website (https://repo.saltstack.com/) wget https://repo.saltstack.com/windows/Salt-Minion-2016.11.1-AMD64-Setup.exe Copy the newest version out to all the Windows servers based on architecture salt […]
Resize an LVM Partition on VMware
Accommodate growth of a VM by expanding an LVM partition At some point, a “physical volume” may have to be enlarged to accommodate growth on a VM. This is how you grow the filesystem of an existing VMDK without adding an additional disk to your VM. Enlarging a VMDK Log in to VMware Find the VM […]
Configure a default zone with firewalld
This is not meant as a full primer for firewalld. It is just meant to document changing the default zone. If you are looking for a more in-depth exposure to firewalld, try https://www.hogarthuk.com/?q=node/9 Check available zones firewall-cmd --get-zones Check active zone firewall-cmd --get-active-zones Get current zone of interface (assumes it is in the public zone) […]
Send Security Onion logs to a centralized Graylog Server
Overview For anyone that doesn’t know, Security Onion is a custom Linux distribution running on Ubuntu that can be used as a Network Intrusion Detection System (NIDS). Security Onion integrates several configurable apps like BRO IDS, Snort, Suricata, and OSSEC to name a few. By default, there is an integrated ELSA Stack that can be […]