Snort Alert Log: Simple Analysis and Daily Reporting with Arnold and Petit

Background This script was developed last year to give a quick and dirty analysis of the Snort alert log. In typical fashion, it is far from perfect, but approximately right is better than absolutely wrong. Obviously, the intersects could be combined in new and creative ways; this is just one that works for us. Also,

Centralized Logging System, Analysis, and Troubleshooting

Background Building a feature-complete centralized logging system that provided the ability to troubleshoot problems and proactively find new issues before they became service outages was a top priority when I first started at (www.eyemg.com). I call it feature complete because it has successfully done both for us without spending too much time of

Petit is Available in Fedora 13

Fedora 13 is out, and with it Petit is available to be installed through the Fedora repository. That means it can be installed easily through yum, like so.

I would like to thank Sandro “red” Mathys for helping me get petit into Fedora 13. Now I have to work on getting it in Debian/Ubuntu.

PyOhio 2010 Python Regional Conference

Background Python is an open source programming language which is growing in popularity and PyOhio is an annual conference for Python programmers in and around Ohio. I first attended PyOhio in 2009. I was immediately impressed with the quality of all of the talks that I attended. I was also impressed with the intellectual environment,

DevOps Toolchain: Problems with Automated Deployment, Data & Workflow

Background Automated deployment is obviously not new, but until this point, there was not much push in the open source world. Recently, the idea of DevOps or Ops 2.0 is gaining ground. We are starting to think of our deployment and provisioning methods more like software engineers. We are developing tools to help us provision

Scripting & Automation: The Qualitative to Quantitative Workflow

Background Scripting & Automation has been a goal since the beginning of Unix and, let me state, that I believe that it is possible to achieve a Fully Automated Provisioning system in our production environments. In fact, I think it is essential that we develop fully automated provisioning systems to keep up with the rate

Splunk .Conf 2010

This conference came across my radar a couple of weeks ago and they just released the session descriptions. A few of the sessions look pretty interesting from a sysadmin perspective: AD, LDAP, and SSO in Splunk; Logging at TB Scale; Using Splunk to monitor Business Transactions. Check out more here: Splunk .Conf 2010

We have moved: opensource.eyemg.com becomes crunchtools.com

Hello Everyone, I am proud to announce that http://opensource.eyemg.com has officially become part of http://crunchtools.com. When the original open source site was created, it was to facilitate distribution of open source software which had been developed in and around EYEMG’s data center. Since then the content has expanded to include a vision of tutorials, software

Data Center: Best Practices and Free Software

Abstract This presentation was created for the Akron Linux Users Group in 2009. This is an overview of how I apply the telco model of FCAPS to running a commercial data center. It also overviews open source pieces of software that cover each of the elements of FCAPS. I envision a future presentation which presents