Install ELK + Redis on Debian/Ubuntu

apt-get install redis-server
redis-cli ping
echo "deb http://ppa.launchpad.net/webupd8team/java/ubuntu xenial main" | tee /etc/apt/sources.list.d/webupd8team-java.list
echo "deb-src http://ppa.launchpad.net/webupd8team/java/ubuntu xenial main" | tee -a /etc/apt/sources.list.d/webupd8team-java.list
apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys EEA14886
apt-get update
apt-get install oracle-java8-installer
wget -qO - https://packages.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add -
echo "deb http://packages.elastic.co/elasticsearch/2.x/debian stable main" | sudo tee -a /etc/apt/sources.list.d/elasticsearch-2.x.list
apt-get update
apt-get -y install elasticsearch
vi /etc/elasticsearch/elasticsearch.yml
network.host: yourip
update-rc.d elasticsearch defaults 95 10

Installing Kibana

echo "deb http://packages.elastic.co/kibana/4.4/debian stable main" | sudo tee -a /etc/apt/sources.list.d/kibana-4.4.x.list
apt-get update
apt-get -y install kibana
vi /opt/kibana/config/kibana.yml
server.host: yourip
update-rc.d kibana defaults 96 9
service kibana start

Installing Logstash

echo 'deb http://packages.elastic.co/logstash/2.2/debian stable main' | sudo tee /etc/apt/sources.list.d/logstash-2.2.x.list
apt-get update
apt-get install logstash

Percona Monitoring

Installing the Percona Monitoring and Management platform for MySQL
Server:

docker create -v /opt/prometheus/data -v /opt/consul-data -v /var/lib/mysql --name pmm-data percona/pmm-server:1.0.4 /bin/true
docker run -d -p 80:80 --volumes-from pmm-data --name pmm-server --restart always percona/pmm-server:1.0.4

Checking installation:

http://your.ip
http://your.ip/qan/
http://your.ip/graph/
user name: admin
password: admin

Client:
Debian APT:

wget https://repo.percona.com/apt/percona-release_0.1-3.$(lsb_release -sc)_all.deb
dpkg -i percona-release_0.1-3.$(lsb_release -sc)_all.deb
apt-get update
apt-get install pmm-client

CentOS YUM:

yum install http://www.percona.com/downloads/percona-release/redhat/0.1-3/percona-release-0.1-3.noarch.rpm
yum install pmm-client

Connect to Server:

pmm-admin config --server 192.168.100.1

Data Collection:

pmm-admin add mysql --socket /tmp/mysql.sock

Checking data collections:

pmm-admin list

the cool website ;)

That's cool

Basic commands PostgreSQL

Basic commands for PostgreSQL:

1. Changing the password

postgres=# ALTER USER postgres PASSWORD 'myPassword';
ALTER ROLE
postgres=# \q

2. How to see the users connected to a DB

postgres=# select * from pg_stat_activity where datname = 'dbname';

3. How to create a read-only user for a DB

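create user backup with password 'backup123';
grant connect on database "uday" to backup;
-- run the statements below while connected to the "uday" database
-- drop any schema privileges granted directly to the role
revoke all on schema public from backup;
-- the role needs USAGE on the schema to reach the tables in it
grant usage on schema public to backup;
grant select on all tables in schema public to backup;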

4. Dump and restore a database with the same name

pg_dump -Fc dbname > namedump.dump
pg_restore -v -d dbname namedump.dump

Autorun Debian

Add to autorun

# update-rc.d name_in_initd defaults

Remove from autorun

# update-rc.d -f name_in_initd remove

md5sum reading stdin and returning a hash

Very simple: it accepts stdin and returns the hash

md5sum <<< "my string"

To avoid the trailing newline added by the shell:

printf '%s' "my string" | md5sum

Symfony cache clear

When you get a "redeclare class sessionhandler" error, you can fix it by clearing the cache:

ls /var/www/symphonydir/app/config/

php app/console cache:clear --env=prod --no-debug

php app/console cache:clear --env=dev --no-debug

How to log iptables into syslog

Want to write every attempt to break through the firewall to syslog? Do it 🙂
1. Make a backup of the old firewall setup

cp /etc/sysconfig/iptables /etc/sysconfig/iptables.orig

This is the default firewall setup; adjust it according to your requirements.

cat > /etc/sysconfig/iptables << EOF

# Generated by iptables-save
*filter
:INPUT DROP    [0:0]
:FORWARD DROP  [0:0]
:OUTPUT ACCEPT [0:0]
:acceptinput - [0:0]
:dropinvalid - [0:0]
:dropicmp    - [0:0]
:dropinput   - [0:0]
:dropforward - [0:0]
#
# drop invalid packets
-A INPUT -m state --state INVALID -j dropinvalid
#
# accept local and already established connections
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
#
# accept some ICMP packets
-A INPUT -m icmp -p icmp --icmp-type 0  -j ACCEPT
-A INPUT -m icmp -p icmp --icmp-type 3  -j ACCEPT
-A INPUT -m icmp -p icmp --icmp-type 11 -j ACCEPT
-A INPUT -m icmp -p icmp --icmp-type 8  -j ACCEPT
-A INPUT -m icmp -p icmp                -j dropicmp
#
# accept ssh, nrpe
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 5666 -j ACCEPT
#
# default actions
-A INPUT   -j dropinput
-A FORWARD -j dropforward
#
# chains with logging definitions
-A dropinvalid -m limit --limit 15/min -j LOG --log-prefix "dropinvalid:"
-A dropinvalid -j DROP
-A dropicmp    -m limit --limit 15/min -j LOG --log-prefix "dropicmp:"
-A dropicmp    -j DROP
-A dropinput   -m limit --limit 15/min -j LOG --log-prefix "dropinput:"
-A dropinput   -j DROP
-A dropforward -m limit --limit 15/min -j LOG --log-prefix "dropforward:"
-A dropforward -j DROP
COMMIT
EOF
service iptables restart

And logging:
configure rsyslog, in /etc/rsyslog.d/iptables.conf, to filter the iptables messages out into a separate file

cat > /etc/rsyslog.d/iptables.conf << EOF

# filter messages containing acceptinput: and do not log them anywhere else (& ~)
:msg, contains, "acceptinput:" -/var/log/iptables.log
& ~

# filter messages containing dropinvalid: and do not log them anywhere else (& ~)
:msg, contains, "dropinvalid:" -/var/log/iptables.log
& ~

# filter messages containing dropicmp: and do not log them anywhere else (& ~)
:msg, contains, "dropicmp:" -/var/log/iptables.log
& ~

# filter messages containing dropinput: and do not log them anywhere else (& ~)
:msg, contains, "dropinput:" -/var/log/iptables.log
& ~

# filter messages containing dropfw: and do not log them anywhere else (& ~)
:msg, contains, "dropfw:" -/var/log/iptables.log
& ~

# filter messages containing dropforward: and do not log them anywhere else (& ~)
:msg, contains, "dropforward:" -/var/log/iptables.log
& ~

# filter messages containing TRACE: and do not log them anywhere else (& ~)
:msg, contains, "TRACE:" -/var/log/iptables.log
& ~
EOF
service rsyslog restart
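
The rsyslog rules above collect every LOG line in /var/log/iptables.log. As an added example (not part of the original notes), this shell function summarises such lines by chain, source address, protocol and destination port; the function names and the sample log lines are constructed for illustration.

```sh
#!/bin/sh
# Added example: count dropped packets per chain, source, protocol and port
# from the LOG lines that the rules above send to /var/log/iptables.log.

# Constructed sample lines (documentation addresses, MAC field omitted).
sample_log() {
cat <<'EOF'
Oct  3 12:01:15 fw1 kernel: dropinput:IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 LEN=60 TTL=52 ID=4321 DF PROTO=TCP SPT=51514 DPT=23 WINDOW=29200 SYN URGP=0
Oct  3 12:01:16 fw1 kernel: dropinput:IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 LEN=60 TTL=52 ID=4322 DF PROTO=TCP SPT=51515 DPT=23 WINDOW=29200 SYN URGP=0
Oct  3 12:01:40 fw1 kernel: dropinput:IN=eth0 OUT= SRC=198.51.100.20 DST=192.0.2.10 LEN=71 TTL=49 ID=77 PROTO=UDP SPT=40111 DPT=161 LEN=51
Oct  3 12:02:02 fw1 kernel: dropicmp:IN=eth0 OUT= SRC=198.51.100.20 DST=192.0.2.10 LEN=40 TTL=49 ID=78 PROTO=ICMP TYPE=13 CODE=0 ID=1 SEQ=1
Oct  3 12:02:30 fw1 kernel: dropinvalid:IN=eth0 OUT= SRC=203.0.113.9 DST=192.0.2.10 LEN=56 TTL=60 ID=9 PROTO=ICMP TYPE=3 CODE=3 [SRC=192.0.2.10 DST=203.0.113.9 LEN=28 TTL=1 ID=5 PROTO=UDP SPT=53 DPT=33434 LEN=8 ]
EOF
}

# Prints "<count> <chain> <src> <proto> <dport>", most frequent first.
# Reads the files given as arguments, or stdin when there are none.
summarize_drops() {
    awk '
    {
        chain = ""; src = ""; proto = ""; dpt = "-"
        for (i = 1; i <= NF; i++) {
            # An ICMP error quotes the offending packet in [...]; stop there
            # so the inner PROTO=/DPT= do not overwrite the outer header.
            if ($i ~ /^\[/) break
            # The --log-prefix values have no trailing space, so the prefix
            # is glued to the first field: "dropinput:IN=eth0".
            if (match($i, /^(dropinvalid|dropicmp|dropinput|dropforward):/))
                chain = substr($i, 1, RLENGTH - 1)
            else if ($i ~ /^SRC=/)   src   = substr($i, 5)
            else if ($i ~ /^PROTO=/) proto = substr($i, 7)
            else if ($i ~ /^DPT=/)   dpt   = substr($i, 5)
        }
        if (chain != "" && src != "") n[chain " " src " " proto " " dpt]++
    }
    END { for (k in n) print n[k], k }
    ' "$@" | LC_ALL=C sort -k1,1nr -k2
}

sample_log | summarize_drops
```

On a live host, run it as summarize_drops /var/log/iptables.log; sources that dominate the top of the list are the ones worth a closer look.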

How to find out how long a process has been running

ps -o pid,etime -p "$PID"

How to remove the spaces from a bash variable

result=' text text '
# removes all whitespace, including the space between the words
resultnosp="$(printf '%s' "${result}" | tr -d '[:space:]')"