After unexpected shutdown of my Mac, UTM VMs (that were running at that time) failed to start with following message “Entering emergency mode. Exit the shell to continue”,
After digging a little it turned out that the problem was a corrupt boot drive.
Continue reading Centos – repair corrupt boot driveAfter trying to repair a wrong drive, my VM on UTM crashed and failed to start with this message “qcow2: Image is corrupt; cannot be opened read/write”
By the way here is how to repair CentOS boot drive correctly
Continue reading UTM VM fails to start “qcow2: Image is corrupt; cannot be opened read/write”Splunk Connect for Kafka (aka SC4K) allows to collect events from Kafka platform and send them to Splunk. While the sending part (to Splunk) was pretty straight forward to me, the collection part (from Kafka) was very new, as I’ve had no experience with Kafka eco-system. So I guess will start with it.
Continue reading Splunk Connect for KafkaWhen having an exam with Pearson VUE, you would only get pass/faill result, but what if you want to know which section of the exam you have scored low and you want to brush up on the relevant skills? Here is how to get score breakdown for Pearson VUE exam.
Continue reading Get Score Breakdown for Pearson VUE ExamAfter setting up Cntlm on my new MAC at work and trying it for the first time I’ve got a “Proxy returning invalid challenge” error.
So here is my understanding of the current Splunk Certification Tracks.
Of course you can go to the “source” https://www.splunk.com/en_us/training.html , but may be that visual representation will help someone
Continue reading Splunk Certification Tracks
Here is how we have used goss and Ansible templates to run system tests after building syslog-ng servers
Continue reading Using goss and Ansible templates for System Testing
If you are dealing with big amounts of EBS volume and need to extend it you might face one day an AWS VolumeModificationSizeLimitExceeded error.
I’ve started using Ansible at my work, where we use it to deploy Splunk environments.
One of the things I needed to do is to provide a list of tcp ports to a “with_items” statement in a form of list.
Continue reading Ansible – loop over netsted variables
Want to get a list REST API users and their IPs?
Run this search
index=_internal host IN(SH1,SH2,SH3) sourcetype=splunkd_access user != "-" clientip != "IP_of_SH1" clientip != "IP_of_SH2" clientip != “IP_of_SH3” NOT TERM(127.0.0.1) NOT TERM(splunk-system-user) | stats values(clientip) by user
The limitation is if the users are going via a Load Balancer, you will see Load Balancer’s IP as the clientip
