Cheatsheet

Linux Commands

  • rsync -hav serv1@remotehost:/home/ /tmp/ - Copy remote to local
  • df -h – disk space
  • du -sh * – folder sizes
  • find /opt/splunk -type f -name distsearch.conf - Search for a file across multiple directories
  • netstat -tulnp | grep 8191 or ss -ltnp | grep 8191
  • journalctl -xe
  • ps aux | grep splunk
  • ssh -t hostname "nload" - Runs remotely but displays in your terminal window
  • ssh -x -t bruker@server "nload" - Add -x to disable GUI (X11) forwarding

Splunk Basic Commands

  • /opt/splunk/bin/splunk reload deploy-server - Deploy Universal Forwarder apps
  • /opt/splunk/bin/splunk apply cluster-bundle - Push apps to indexers
  • tail -f /opt/splunk/var/log/splunk/mongod_upgrade.log
  • tail -f /opt/splunk/var/log/splunk/splunkd.log
  • /opt/splunk/bin/splunk show kvstore-status --verbose
  • splunk btool inputs list --debug

Splunk Search Examples

  • index=_internal | stats count by sourcetype
  • index=* error OR fail | head 20
  • index=os | top process_name
  • | metadata type=hosts
  • | tstats count where index=* by host
  • | dbinspect index=*

syslog-ng Commands

  • systemctl status syslog-ng
  • syslog-ng -s – syntax check
  • syslog-ng-ctl stats
  • syslog-ng-ctl show-license
  • cat /etc/syslog-ng/syslog-ng.conf

Extend /tmp on EXT4:
sudo lvextend -L +3G /dev/vg00/tmp && df -T /tmp && sudo resize2fs /dev/vg00/tmp && df -h /tmp

Check certificate validity:
openssl x509 -in server.pem -text -noout