|
I kept receiving an “API error” when attempting to run TheHive Project Cortex Analyzer for IBM Xforce. There is currently a bug that is adding an extra / with every request. To fix this issue you need to modify this file: /opt/Cortex-Analyzers/analyzers/IBMXForce Command to fix the problem: perl -pi -e ‘s|%s/|%s|g’ /opt/Cortex-Analyzers/analyzers/IBMXForce/ibmxforce_lookup.py If you install Cortex from Yum on Centos7 you will most likely receive this error: /etc/init.d/cortex: line 26: /lib/init/vars.sh: No such file or directory This is the fix: perl -pi -e ‘s|. /lib/init/vars.sh|[ -r /lib/init/vars.sh ] && . /lib/init/vars.sh|g’ /etc/init.d/cortex perl -pi -e ‘s|. /lib/lsb/init-functions|[ -r /etc/init.d/functions ] && . /etc/init.d/functions|g’ /etc/init.d/cortex Code loop through a range of IPs and query McAfee epo on client machines # Loop through IP address 10.0.0.10 – 10.0.0.20 and print out # the computer name and the agent version echo “” > output; for ((i=10;i<=20;i++)) do # -s Silent Curl # -m 1 Wait no longer than 1 second per host . . . → Read More: Querying McAfee ePo on End User Machines When you export your bookmarks from Chrome and Firefox the resulting HTML looks pretty plain. Exported Bookmarks with Icons To enhance the exported bookmarks file by added icons try the following perl -i’bak’ -ple ‘s/ ICON=”([^”]+”)>/><img src=”$1″> /’ bookmarks.html Enhance with CSS You can further enhance the file using this js fiddle: http://jsfiddle.net/vaj0tted/ . . . → Read More: Add icons to your exported Chrome/Firefox Bookmarks If you want to return the current AlienVault OSSIM version you are running from a command line try this: version=$(dpkg -l | grep ossim-cd-tools | awk ‘{print $3}’ | awk -F’-‘ ‘{ print $1 }’) echo $version To convert a json file to CSV you will need a linux program called jq. INPUTFILE=”inputfile-with-json” OUTPUTFILE=”outputfile-formatted.csv” jq -r ‘(.[0] | keys_unsorted) as $keys | $keys, map([.[ $keys[] ]])[] | @csv’ ${INPUTFILE} > ${OUTPUTFILE} Lzop use to be my favorite fast compression program. That is until I learned about parallels gzip (pigz) Compress a Folder # compress a folder called “myfolder” at maximum compression using six threads tar cf – myfolder | pigz -9 -p 6 > myfolder.tar.gz Compress a Folder (Using Variables): # compress a folder called . . . → Read More: Parallel Gzip When you do not have enterprise support closing and opening elastic search indexes can break stuff in Graylog 2.4.6. Elastic Search Indexes Close/Open The official documentation for Elasticsearch 2.4.6 closing and opening an index can be found here: https://www.elastic.co/guide/en/elasticsearch/reference/2.4/indices-open-close.html curl -XPOST ‘localhost:9200/my_index/_close’ curl -XPOST ‘localhost:9200/my_index/_open’ Closing an index To close an index: # curl -XPOST . . . → Read More: Graylog 2.4.6 manual index backup and restore Script to backup AlienVault OSSIM master server . . . → Read More: Script to Backup Alienvault OSSIM Master Server To split terminal in to four horizontal tmux windows you can run the following code: #!/bin/bash tmux new-window -a -n WinSplit tmux new-session -d -s WinSplit tmux selectp -t WinSplit tmux split-window -v tmux set-window-option -g window-status-current-bg blue tmux split-window -v tmux split-window -v tmux select-layout even-vertical tmux attach -t WinSplit The result is something . . . → Read More: tmux horizontal window splitting |
|
|
Copyright © 2019 Brakertech - All Rights Reserved i can haz interweb |
|
