Saturday, October 31, 2020

HAProxy SIEM load balancing config example

 

defaults
    mode tcp
    timeout connect 5000ms
    timeout client 50000ms

listen graylog
    bind *:514
    mode tcp
    balance roundrobin
    server graylog1 10.0.0.1:514
    # graylog2 repeats graylog1's address here; point it at the second Graylog node
    server graylog2 10.0.0.1:514
    timeout connect 20s
    timeout server 30s

Thursday, October 29, 2020

Sniffing a pod's traffic on OpenShift

# get worker node name

oc get pod -o wide

# get container id (the default output has no containerID field, so ask for YAML)
oc get pod <podname> -o yaml | grep -i containerid

# log in to the worker node

# get pid by using container-id
docker inspect <container-id> |grep -i pid

# use nsenter -t <pid> -n to enter the container's network namespace and run the tcpdump command.


nsenter -t 1234 -n tcpdump -nnvv -i eth0 port 3128
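
The steps above as one script, added here as an example and not part of the original post. It assumes the Docker runtime used in the post; the helper names are hypothetical and the sample inputs are constructed so the two parsers can be tried offline.

```shell
#!/usr/bin/env bash
# Added example, not from the original post. Helper names are hypothetical.

# Extract the bare container ID from `oc get pod <podname> -o yaml` output.
# The field reads "containerID: docker://<hex>"; docker inspect takes only <hex>.
container_id_from_yaml() {
    sed -n 's|.*containerID:[[:space:]]*[a-z-]*://\([0-9a-f]\{1,\}\).*|\1|p' | head -n 1
}

# Extract the init PID from `docker inspect <container-id>` JSON output.
# A plain `grep -i pid` also matches "PidMode" and "PidsLimit"; match "Pid" only.
pid_from_inspect() {
    sed -n 's|^[[:space:]]*"Pid":[[:space:]]*\([0-9]\{1,\}\),\{0,1\}[[:space:]]*$|\1|p' | head -n 1
}

# Run as root on the worker node: tcpdump inside the container's network namespace.
# Usage: sniff_container <container-id> [tcpdump filter...]
sniff_container() {
    local cid="$1"; shift
    local pid
    pid="$(docker inspect "$cid" | pid_from_inspect)"
    # Pid 0 means the container is not running, so there is no namespace to enter.
    if [ -z "$pid" ] || [ "$pid" -eq 0 ]; then
        echo "container $cid has no running process" >&2
        return 1
    fi
    nsenter -t "$pid" -n tcpdump -nnvv -i eth0 "$@"
}

# Constructed sample inputs (not real cluster output).
SAMPLE_POD_YAML='status:
  containerStatuses:
  - containerID: docker://3f2a9c0b7d1e4f5a6b7c8d9e0f1a2b3c4d5e6f708192a3b4c5d6e7f8091a2b3c
    image: registry.example/squid:latest
    ready: true'
SAMPLE_INSPECT='[{
    "State": {
        "Status": "running",
        "Pid": 1234,
        "ExitCode": 0
    },
    "HostConfig": {
        "PidMode": "",
        "PidsLimit": 0
    }
}]'
```

On the worker node: source the file, then run sniff_container <container-id> port 3128.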

vim Tips for Editing YAML Files

:set cursorcolumn 

:set nocursorcolumn 

:set ai ts=2 sw=2 et 

:set colorcolumn=3,5,7

 

press lower case v: VISUAL mode 

press capital v: VISUAL LINE mode 

press ctrl + v: VISUAL BLOCK mode

Red Hat Ansible installation

You can find the source code and RPM files at this link:

https://access.redhat.com/articles/3174981

Wednesday, October 21, 2020

Enable API interface on Checkpoint r80.20

1. Log in to the web portal as the admin user

2. Open terminal

3. Log in as admin

4. Type "api start"

 

 

5. Open SmartConsole (Desktop app)


6. Log in with admin rights

7. Manage & Settings -> Blades -> Management API

8. Select "All IP addresses"

9. Click Publish