List all Public IP Addresses Across All of your AWS Accounts

Gathering all EC2 Public IPs

Recently I needed to automate pulling all public IP addresses across all of the EC2 accounts I have access to. I wrote the following script to deal with that problem.

Note: Thank you to Daniel Miessler for the script to pull the IPs. My script makes that work across . . . → Read More: List all Public IP Addresses Across All of your AWS Accounts

Ingesting Okta logs in to Graylog

After many failed attempts to import Okta logs into Graylog (using some PowerShell scripts I found online), I decided to take a different approach. Here is what my final dashboard and view ended up looking like:

Prerequisites

To ingest Okta logs into Graylog you will need the following:

. . . → Read More: Ingesting Okta logs in to Graylog

Bulk Lookup Owner of IP Address

To perform a bulk whois lookup of a list of IP addresses use the following script:

Bulk whois lookup

while read ip; do
  if [ ! -z "$ip" ]; then
    echo -n "$ip - " && whois "$ip" 2>/dev/null | grep "Organization" -m 1
  fi
done < ip_list.txt

Example input (ip_list.txt)

172.217.8.206
172.217.8.203
172.217.8.266
151.101.65.67

Output . . . → Read More: Bulk Lookup Owner of IP Address

Querying McAfee ePo on End User Machines

Code

Loop through a range of IPs and query McAfee epo on client machines

# Loop through IP address 10.0.0.10 - 10.0.0.20 and print out
# the computer name and the agent version
echo "" > output;
for ((i=10;i<=20;i++))
do
  # -s Silent Curl
  # -m 1 Wait no longer than 1 second per host
. . . → Read More: Querying McAfee ePo on End User Machines

Script to Backup Alienvault OSSIM Master Server

Script to back up AlienVault OSSIM master server . . . → Read More: Script to Backup Alienvault OSSIM Master Server

diff two files and output lines not seen in file 2

Problem

You need to diff two files and only output what is unique to file one.

text file 1 contains:

1
2
3
4
5

text file 2 contains:

6
7
1
2
3
4

Solution

$ awk 'FNR==NR{a[$0]++;next}!a[$0]' file1 file2
6
7

Explanation of how the code works:

If we’re working on file1, track . . . → Read More: diff two files and output lines not seen in file 2

kill orphaned httpd processes

To kill orphaned httpd processes, create a script called killhttpd.sh with the following code:

#!/bin/bash
for pid in `ps -C httpd|sed -e 's/^\ \+//g' | grep httpd|awk '{print $1}'`
do
  kill $pid
done