Shantanu's Blog

Corporate Consultant

June 29, 2017

 

Amazon User Activity Log

Here is a good article on how to integrate CloudTrail with Elasticsearch.

https://blog.powerupcloud.com/visualizing-aws-cloudtrail-logs-using-elk-stack-e3d3b399af43

Once I follow all these steps, I can log all Amazon activities into Elastic. This is super useful to know what changes are taking place in my account.



June 23, 2017

 

validate your json string

jsonschema has a validate method that checks whether the data matches the types declared in a schema. For example, in the following code I will get an error because street_address is 353 and must be a string.

import jsonschema

schema = {
  "type": "object",
  "properties": {
    "street_address": {"type": "string"},
    "city": {"type": "string"},
    "state": {"type": "string"},
  },
  "required": ["street_address", "city", "state"]
}

jsonschema.validate({
    "street_address": 353,
    "city": "bar",
    "state": "foobar"
}, schema)
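
An added example, not part of the original post: `jsonschema.validate` raises a single ValidationError, so a record with several problems has to be fixed one error at a time. The sketch below uses a validator object's `iter_errors` to report every violation in one pass. The `additionalProperties` setting, the function name and the sample records are assumptions made for the illustration.

```python
import jsonschema

# Same address schema as above, tightened (assumption for this example):
# unknown keys are rejected instead of being silently accepted.
SCHEMA = {
    "type": "object",
    "properties": {
        "street_address": {"type": "string"},
        "city": {"type": "string"},
        "state": {"type": "string"},
    },
    "required": ["street_address", "city", "state"],
    "additionalProperties": False,
}

VALIDATOR = jsonschema.Draft4Validator(SCHEMA)


def violations(record):
    """Return every schema violation as sorted (field, rule) pairs."""
    found = []
    for err in VALIDATOR.iter_errors(record):
        # err.path locates the failing value; it is empty for top-level rules
        field = "/".join(str(p) for p in err.path) or "<root>"
        found.append((field, err.validator))
    return sorted(found)


# Constructed sample records
GOOD = {"street_address": "353 Main St", "city": "bar", "state": "foobar"}
BAD = {"street_address": 353, "city": "bar", "is_admin": True}

if __name__ == "__main__":
    for rec in (GOOD, BAD):
        print(rec, "->", violations(rec) or "valid")
```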



 

Python tips

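import itertools

# itertools module has permutations and combinations functions

numbers = ['1', '3', '4', '6', '5', '9']

# collect every ordering of the six items (6! = 720 tuples)
mylist = list()
for nums in itertools.permutations(numbers):
    mylist.append(nums)

# every unordered pair, where an item may be paired with itself
for ops1 in itertools.combinations_with_replacement(numbers, 2):
    print(ops1)

# use format method of string object to replace place-holders

t1 = '(({0}{4}{1}){5}{2}){6}{3}'

nums = ('6', '4', '3', '1')

ops2 = ('*', '/', '+')

final = nums + ops2

# positions 0-3 are the numbers, 4-6 the operators
print(t1.format(*final))  # ((6*4)/3)+1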



June 15, 2017

 

formatting dates using logstash

Let's assume we need to import this CSV file into Elasticsearch.

vi /tmp/path_to_my_csv.csv

1234365,2016-12-02 19:00:52
1234368,2016-12-02 15:02:02
1234369,2016-12-02 15:02:07
_____

I will need this config file to process it.

vi /tmp/logstash.conf
input {
  file {
    path => "/config-dir/path_to_my_csv.csv"
    start_position => "beginning"
    sincedb_path => "/dev/null"
  }
}
filter {
  csv {
        separator => ","
        columns => ["col1","col2"]
  }
  mutate {convert => [ "col1", "float" ]}
  date {
        locale => "en"
        match => ["col2",  "yyyy-MM-dd HH:mm:ss"]
        target => "col2"
   }
}
output {
   elasticsearch {
     hosts => "http://172.17.0.1:9200"
     index => "my_collection"
  }
  stdout {}
}
_____

# delete the index first
curl -XDELETE localhost:9200/my_collection

# change to /tmp/ folder
cd /tmp/

# use docker image to import data
docker run -it --rm -v "$PWD":/config-dir logstash -f /config-dir/logstash.conf

# check the mapping
curl -XGET 'http://localhost:9200/_mapping?pretty=true' | grep -A2 col2

If this command returns something like the following then the date is parsed correctly.

          "col2" : {
            "type" : "date"
          },

_____

If the Elasticsearch container is not listening on localhost, then start one:

docker run -d -p 9200:9200 -p 5601:5601 nshou/elasticsearch-kibana

or use shantanuo/mykibana


June 04, 2017

 

Packetbeat dashboards

To import the sample Kibana dashboards, we need to install Packetbeat first and then load the sample dashboards into the Elasticsearch server.

curl -L -O https://artifacts.elastic.co/downloads/beats/packetbeat/packetbeat-5.4.1-x86_64.rpm

sudo rpm -vi packetbeat-5.4.1-x86_64.rpm

cd /usr/share/packetbeat/

./scripts/import_dashboards -es http://localhost:9200



June 03, 2017

 

Frequently used docker containers

Here are 3 containers that I need most of the time.

1) elastic and kibana

docker run -d -p 9200:9200 -p 5601:5601 nshou/elasticsearch-kibana

# get the IP of elastic using command hostname -i and then install metric-beat dashboard using docker

docker run docker.elastic.co/beats/metricbeat:5.5.0 ./scripts/import_dashboards  -es http://172.31.73.228:9200

2) python pandas using miniconda

docker run -i -t -p 8888:8888 -v /tmp:/tmp continuumio/miniconda3 /bin/bash -c "/opt/conda/bin/conda install jupyter -y --quiet && cd /tmp/ && /opt/conda/bin/jupyter notebook --NotebookApp.token='india' --notebook-dir=/tmp --ip='*' --port=8888 --no-browser --allow-root"

3) mysql fixed bug and added IST timezone

docker run -p 3399:3306 -e MYSQL_ROOT_PASSWORD=india3399 -v /my/custom3399:/etc/mysql/conf.d  -v /storage/mysql/datadir3399:/var/lib/mysql -d shantanuo/mysql:5.6

This container uses the config file as shown below:

# vi /my/custom3399/my.cnf
[mysqld]
server-id=1723169137

max_binlog_size=1024M
expire_logs_days=40
binlog_format=ROW
binlog_checksum=NONE

### enable master
# log-bin=/var/log/mysql/mysql-bin.log

### myisam only
# skip-innodb
# default-storage-engine=MyISAM
# default_tmp_storage_engine=MyISAM
# key-buffer-size=1G
# myisam_max_sort_file_size=40G
# myisam_sort_buffer_size=512M
# bulk_insert_buffer_size=1G
### disable strict sql mode
# sql-mode=''
# secure-file-priv = ""

### innodb setting
# innodb_buffer_pool_size=1G
# innodb_log_file_size=512M

# innodb_flush_method=O_DIRECT
# innodb_file_per_table
# innodb-flush-log-at-trx-commit = 2

# make sure temp directory has sufficient space
# tmpdir=/

4) Adminer container to manage mysql

docker run -p 80:80  -d  shantanuo/adminer /bin/bash -c "/usr/sbin/apache2ctl -D FOREGROUND "
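
An added example, not part of the original post: each `-p host:container` option above publishes the port on every host interface, because Docker uses the wildcard address when no bind IP is given. The Python check below lists such ports in `docker run` lines. The sample lines are trimmed from the commands above, and the loopback variant and function names are assumptions made for the illustration.

```python
import shlex

# Constructed sample: the docker run lines from this post, trimmed to the
# options that matter here, plus one loopback-only variant for contrast.
COMMANDS = [
    "docker run -d -p 9200:9200 -p 5601:5601 nshou/elasticsearch-kibana",
    "docker run -i -t -p 8888:8888 -v /tmp:/tmp continuumio/miniconda3",
    "docker run -p 3399:3306 -d shantanuo/mysql:5.6",
    "docker run -p 80:80 -d shantanuo/adminer",
    "docker run -d -p 127.0.0.1:9200:9200 nshou/elasticsearch-kibana",
]

# Bind addresses that mean "every interface"; "" covers a spec with no IP.
WILDCARD = ("", "0.0.0.0", "[::]")


def published_ports(command):
    """Yield the value of each -p / --publish option in a docker run line."""
    args = shlex.split(command)
    for i, arg in enumerate(args):
        if arg in ("-p", "--publish") and i + 1 < len(args):
            yield args[i + 1]
        elif arg.startswith("--publish="):
            yield arg.split("=", 1)[1]


def exposed_on_all_interfaces(command):
    """Return the host ports that are published without a specific bind IP."""
    exposed = []
    for spec in published_ports(command):
        # Forms: container | host:container | ip:host:container, optional /proto
        parts = spec.split("/", 1)[0].rsplit(":", 2)
        bind_ip = parts[0] if len(parts) == 3 else ""
        host_port = parts[-2] if len(parts) >= 2 else ""
        if bind_ip in WILDCARD:
            exposed.append(host_port or "ephemeral")
    return exposed


def audit(commands):
    """Map each command to the ports it publishes on every interface."""
    return {cmd: exposed_on_all_interfaces(cmd) for cmd in commands}


if __name__ == "__main__":
    for cmd, ports in audit(COMMANDS).items():
        status = "all interfaces: " + ", ".join(ports) if ports else "ok"
        print(f"{status:32} {cmd}")
```

Writing the option as `-p 127.0.0.1:9200:9200` keeps a service reachable from the host only, which is the form the last sample line uses.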


