[00:13] <diddledan> haha: https://twitter.com/SwiftOnSecurity/status/804115807299047424
[09:00] <foobarry> ahhh figured out why ctrl-R in my terminal stopped working..simple screen recorder was stomping on it
[09:04] <davmor2> Morning all
[09:54] <popey> Greetings from London.
[09:55] <JamesTait> Good morning all! Happy Thursday, and a peaceful World AIDS Day. 🎗
[09:59] <davmor2> JamesTait: whenever I hear about aids this is the song that drops into my head https://www.youtube.com/watch?v=oB4K0scMysc so let it be this
[10:06] <brobostigon> morning boys and girls.
[10:14] <foobarry> any logstash users in here?
[10:14] <SuperMatt> morning
[10:15] <SuperMatt> I'm using it, but I don't know how it works
[10:15] <foobarry> yeah
[10:15] <foobarry> wondered about a best practice question
[10:15] <SuperMatt> like?
[10:15] <foobarry> do i edit rsyslog.conf to send some logs or use shipper
[10:15] <SuperMatt> We use filebeat
[10:17] <foobarry> do you have shexy kibana screens?
[10:17] <foobarry> my kibaan screen is ugggglu
[10:17] <SuperMatt> yup, we have a full RELK stack
[10:22] <foobarry> got any screenshots you are allowed to show?
=== christel_ is now known as Guest94477
[11:56] <SuperMatt> foobarry: probably not ;)
=== alan_g is now known as alan_g|lunch
[12:12] <diddledan> foobarry:  https://usercontent.irccloud-cdn.com/file/EdQlJiZQ/kibana%20screenie
[12:13] <diddledan> note, I've just reset the index on that so it's not got full data
[12:15] <foobarry> cool
[12:15] <foobarry> and kibana 5 :)
[12:15] <foobarry> i really need to learn hwo to do awesomes
[12:18] <foobarry> hwo are you separating lines?
[12:19] <foobarry> maybe i need to get onto k5 and get cracking on that
[12:19] <diddledan> each entry has a term of channel which I'm using as the split
[12:19] <foobarry> is that a field?
[12:20] <diddledan> I've set the x-axis to timestamp and then aggregated by channel.keyword
[12:20] <diddledan> yes a field
[12:20] <foobarry> i have "password failed from user XXX"
[12:20] <foobarry> so i'm looking to regexp out the user and plot a pie chart of most failed users
[12:21] <diddledan> I have no idea how to do that :-p
[12:22] <diddledan> I split everything out using logstash so I would put a grok rule in for "password failed from user ${DATA:username}"
[12:22] <diddledan> that'll then save a new field called username
[12:23] <diddledan> you could also do a match where if the entry is a password failed entry then set another field indicating the type of message rather than just storing the message and trying to grok it after it's in the db
[12:24] <diddledan> so for those irc logs I'm pulling out as much as I can into fields and also including the full raw message
[12:25] <diddledan> example of some of my data https://usercontent.irccloud-cdn.com/file/y1RBy9xs/
[12:25] <diddledan> you can see each field separated there
[12:37] <foobarry> neat, thanks
[12:37] <foobarry> which file is the grokking done again? filter?
[12:37] <diddledan> grok is done in /etc/logstash/conf.d/*
[12:38] <diddledan> it's a step before inserting the data
[12:38] <diddledan> so it's done as you receive it rather than as you analyse it
[12:39] <diddledan> receive -> logstash/grok -> elasticsearch -> use it
[12:39] <foobarry> merci buckets
[12:40] <diddledan> hah, it's not just me that says it like that then :-p
=== alan_g|lunch is now known as alan_g
=== jbassett is now known as jasonbas
=== jasonbas is now known as jasonbassett
[14:13] <Safiyyah> hi guys, is anyone around?
[14:14] <Safiyyah> I am wondering how to synchronise thunderbird mail between the desktop and the laptop. Desktop has Xubuntu 16.04 and laptop has MATE 16.04
[14:14] <Safiyyah> The e-mail is synchronised but not the contacts
[14:15] <Safiyyah> the second problem is about the shell command line interface. If there an idiot's guide online regarding how to use it. everything I try seems too complex. All I want is to be able to access my desktop files from my laptop
[14:16] <foobarry> http://rik.smith-unna.com/command_line_bootcamp
[14:19] <Safiyyah> Thanks foobarry but I don't see anything regarding the ssh shell?
[14:20] <foobarry> you didn't mention ssh? i think you mean bash?
[15:05] <Azelphur> I had an interesting idea with my TV. It doesn't support remote control over IP (so no smartphone app, etc) I emailed them asking to implement it, or to give me the source so I could implement it myself, obviously they refused, so I posted what they sent me on Facebook, https://www.facebook.com/HisenseUK/posts/1797317843813762
[15:05] <Azelphur> not sure if I'll win, be interesting to see if I can get them to improve the software (or let me improve the software -_-)
[15:08] <jasonbassett> Safiyyah:  I synced thunderbird on 2 machine by syncronising the profile directory using rsync.  This worked well for me, despite suggestions I would get issues because the profile was named the same.
[15:14] <jasonbassett> it was not a live syncronisation, by that I mean I would sync my office pc to my home pc as I left the office so when I arrived home, I could fire up Thunderbird and it would be as I left it work.
[15:15] <jasonbassett> profile corruption may ensue if you have thunderbird open on either pc whilst rsync runs.
[15:15] <jasonbassett> It would be nice if thunderbird had built in sync, just like firefox does for bookmarks, saved passwords etc.
[15:16] <Safiyyah> okay
[15:17] <Safiyyah> so I shouldn't open the desktop and the laptop
[15:17] <Safiyyah> at the same time?
[15:17] <Safiyyah> jasonbassett
[15:18] <jasonbassett> correct, when syncing, I always had thunderbird closed.  I started the sync script when I left the office so it had synced to my home system by the time I got home.
[15:19] <jasonbassett> May be a better way to achieve this now, but that was the best I could come up with then, about 3 years ago
=== jbassett is now known as jasonbassett
=== jbassett is now known as jasonbassett
[17:59] <daftykins> Safiyyah: yay
[18:00] <daftykins> Safiyyah: did you really doubt me that dumping VGA would solve all your problems? ;)
[18:10] <zmoylan-pi> sad to see vga going...
[18:11] <daftykins> when someone has to use a modeline in their xorg.conf in 2016? i don't think so (:
[18:11] <MartijnVdS> daftykins: when you want to boot before attaching the screen :)
[18:11] <MartijnVdS> or when using a screen from the stone age
[18:12] <daftykins> or when getting a buggy EDID
[18:12] <zmoylan-pi> my stone age screens work fine, thank you very much :-)
[18:12] <daftykins> such as is the case with this topic
[18:16]  * zmoylan-pi is currently trying to convince myself to send 2 of the 3 monitors i have for recycling keeping the oldest one as it alse has scart as well as vga
[18:19] <daftykins> and what's such an old interface going to be used for? :)
[18:19] <zmoylan-pi> it talks to my rasp pi b :-)
[18:19] <zmoylan-pi> with a bit of jiggery pokery and wacky cable connectors
[18:20] <daftykins> oh because you lack HDMI, i remember now
[18:21] <zmoylan-pi> if i ditch the 2 monitors i could then get a hdmi one and enter reluctanly the 21st century... but i usually prefer to jump to tech after it's successor has been out a few years :-D
[18:22] <zmoylan-pi> i switched to win2000 at work after sp2 came out for winxp.  i switched to winxp when windows 7 came along...
[18:23] <daftykins> that... sounds unwise
[18:24] <daftykins> do you also run outdated Linux versions too? ;)
[18:24] <zmoylan-pi> 1) it annoyed management 2) very few people sit and use your pc unless there is no other alternative :-)
[18:25] <zmoylan-pi> 3) older versions of windows run like hot snot on newer hardware
[18:26] <zmoylan-pi> possibly with the exception of vista which i never saw go fast on any hardware... :-P
[18:37] <daftykins> SP2 slipstreamed media would install and run pretty well for about 5 minutes, but yeah it ground to a halt big time, never known a version so bad
[18:37] <daftykins> (of Vista)
[18:37] <zmoylan-pi> i think it was the prefetch filling ram which on lower specced machines killed performance
[18:38] <zmoylan-pi> i remember quite a few vista machines that never had the hd led turn off
[18:38] <daftykins> well i saw ones with upgraded RAM and SSDs still be cringeworthily slow, so who knows
[18:39] <daftykins> glad to see it's going fully EOL this April :)
[18:39] <zmoylan-pi> i think it was still using virtual memory so probably shortened the lifespans of a few ssds too
[18:42] <daftykins> had a client today ask me to buy them a brand new Dell laptop for £916 because they were too impatient to wait for another Dell outlet one to come up for £680, nice to have that little concern for money...
[18:42] <zmoylan-pi> nice to have customers who don't check the bills as well :-P
[18:44] <daftykins> to be honest i always put in their own cards and let them pay for things at cost
[18:44] <daftykins> lots less hassle dealing with the paperwork then and i don't have to go through this time of year with thousands of pounds of minuses on my own accounts until they pay me back
[18:45] <zmoylan-pi> simplfies things a smidge
[18:53] <daftykins> apart from him making me buy it for him 'cause he's useless XD
[18:54] <daftykins> some o' them folk refer to buying things online as some kind of magic i do...
[18:58] <zmoylan-pi> for some they're terrified of getting scammed so avoid online transactions
[19:00] <daftykins> definitely not the case here, just act like it's some kind of puzzle
[19:02] <zmoylan-pi> blinded by pc advertising and have no clue what they are meant to be ordering?
[19:03] <daftykins> no, just the online process
[19:30] <kbingham> Whats the easiest way to strip a filename extension in shell in a portable way ? (read as support 'dash', and busybox 'sh')
[19:30] <kbingham> I'm assuming my only real portable way is to 'sed' it out.
[19:31] <kbingham> my actual goal is to make a file.bin become file.png : PNG=${FILE/bin/png}
[19:32] <SuperMatt> yeah, I'd sed it
[19:33] <SuperMatt> sed -e "s|\.bin$|.png"
[19:34] <SuperMatt> ah, found an easier way
[19:34]  * kbingham holds breath :D
[19:35] <SuperMatt> for i in $(ls *.bin | sed -e "s|\.bin$||"); do mv $i{.bin,.png}; done
[19:36] <kbingham> SuperMatt: Oh - no sorry - I need the names in a variable, as I'm passing the conversion through 'convert'
[19:37] <kbingham> well in fact - first a utility called raw2rgbpnm, then to png :D
[19:37] <kbingham> SuperMatt: but thanks - I'll just stick with sed.
[19:37] <SuperMatt> +1
[19:38] <kbingham> SuperMatt: Frustratingly, busybox sh actually handles the bashism PNG=${FILE/bin/png}, and it's only because I want my script to work on my ubuntu host, in the same way that it does on my *embedded target* that I'm having to work around this :(
[19:39]  * daftykins wonders how many times this task needs to be performed that such effort is being taken
[19:39] <kbingham> daftykins: On every output of an automated test :D
[19:40] <davmor2> kbingham: for i in `find /path/to/dir -name *.bin`; do <insert your convert command here>; done
[19:42] <davmor2> kbingham: if you don't wnat to run your convert command then you can just run do echo $i to see the output
[19:42] <kbingham> davmor2: Don't worry - here's the full context : http://paste.ubuntu.com/23564605/
[19:42] <kbingham> I'm already using sed in the script - so it's not really an issue.
[19:45] <daftykins> a friend of mine who lives and works up in England is speaking of a job for a web/software developer in Tunbridge Wells if anyone is interested
=== james is now known as Guest5213
[22:19] <zmoylan-pi> ah bugger, manuel from fawlty towers has died...
[23:05] <diddledan> zmoylan-pi: goddamit, 2016 is determined to keep it up for all 365 days!
[23:10] <zmoylan-pi> bit of a scare earlier with buzz aldrin but he's been looked after now