Log Analysis with Python

Abstract This presentation was created for the PyOhio 2010 conference. It gives an overview of Artificial Ignorance, command line graphing, and word counts with petit. It also gives a quick examples of weekly and monthly reporting when dealing with a syslog server which records switch, router, firewall, and server logs.   Presentation  

Unix/Linux Signals 101

Background Unix/Linux allows a user to have control over a program that they are running by sending what are called signals. These signals are then normally handled by the program in a way that is compliant with Unix/Linux standards. Two of the most important signals that are commonly sent to a program are called SIGTERM

Petit is Available in Debian Squeeze

Debian Squeeze is in testing and with it Petit is available to be installed through the repository. That means it can be installed easily through apt, like so.

I would like to thank Carl Chenet for helping me get petit into Debian Squeeze. Now I have to work on getting it in Ubuntu.

Unix/Linux Filesystem Permissions 101

Background Standard Unix filesystem permissions are less complex than Windows file system permissions and Linux ACLs. Though, this lacks flexibility which is sometimes needed, In many cases it can be leveraged as an advantage. Often the complexity of ACLs can allow administrators to create file system permissions which are cumbersome to audit and document. The

KVM Cluster with DRBD/GFS

Background Recently, I started a project at (www.eyemg.com) to migrate from VMWare to KVM. Our standard server deployment is based on RHEL5 running on HP DL380 hardware. Given our hardware/software deployment, it made sense to align ourselves with Red Hat’s offering of KVM. We are able to achieve feature parity with VMware server while adding

Snort Alert Log: Simple Analysis and Daily Reporting with Arnold and Petit

Background This script was developed last year to give a quick and dirty analysis of the Snort alert log. In typical fashion, it’s is far from perfect, but approximately right is better than absolutely wrong. Obviously, the intersects could be combined in new and creative ways, this is just one that works for us. Also,

Centralized Logging System, Analysis, and Troubleshooting

Background Building a feature complete centralized logging system that provided the ability to trouble shoot problems and pro-actively find new issues before they became service outages was a top priority when I first started at (www.eyemg.com). I call it feature complete because it has successfully done both for us without spending too much time of

Petit is Available in Fedora 13

Fedora 13 is out and with it Petit is available to be installed through the fedora repository. That means it can be installed easily through yum, like so.

I would like to thank Sandro “red” Mathys for helping me get petit into Fedora 13. Now I have to work on getting it in Debian/Ubuntu.

PyOhio 2010 Python Regional Conference

Background Python is an open source programming language which is growing in popularity and PyOhio is an annual conference for Python programmers in and around Ohio. I first attended PyOhio in 2009. I was immediately impressed with the quality of all of the talks that I attended. I was also impressed with the intellectual environment,

DevOps Toolchain: Problems with Automated Deployment, Data & Workflow

Background Automated deployment is obviously not new, but until this point, there was not much push in the open source world. Recently, the idea of DevOps or Ops 2.0 is gaining ground. We are starting to think of our deployment and provisioning methods more like software engineers. We are developing tools to help us provision