Suricata JSON logs and 480 bytes max
I began receiving logs from pfSense/Suricata and noticed something was off. When trying to parse the JSON messages, very few messages would actually pass. There is nothing wrong with the Graylog JSON parser; the pfSense syslog daemon simply truncates exported messages automatically to 480 bytes max. 480 bytes is a fair bit, but not enough when outputting in JSON format from Suricata. So this is a somewhat marginal use case: exporting JSON formatted logs from Suricata in pfSense :)
Graylog on Raspberry Pi 4
Project: get to know my OpenWrt access point a little better, i.e. gather logs from the access point, send these logs to a central location and somehow display and search them. Possibly even an alert when something bad is happening. On the back burner is adding other devices and adding some fancy displays.
Volumio - bookshelf edition
Some notes about my take on a Raspberry/Volumio box. This is not an expert how-to or anything like that, just stuff that would be nice to avoid; things I would have liked to know before I started. I.e. if you are not super electricity minded, you might find something useful.
Bookshelf size Volumio box.
ESXi 5.0/GhettoVCB with NFS on FreeNAS 8.2
Basically a very simple setup, but one that has eluded me for some time now: simply back up some running VMs on an ESXi 5.x to a FreeNAS NFS service. I'm running FreeNAS 8.2 (the FreeNAS update routine has also been giving me some strange access rights errors lately, so I never got round to updating the bugger). It shouldn't be a problem with version 8.1 or 8.3.
Things might be done differently with better preference/less work. I'm no expert, so please let me know if your setup performs better, or point out some stupid mistakes I have made. But the following will get backups of your VMs to a FreeNAS box.
I'm still struggling with some kind of synchronisation with Amazon S3 from FreeNAS. If you have made any kind of progress on offsite sync from FreeNAS or have any thoughts on this, please let me know.
All glory goes to William Lam (www.virtuallyghetto.com) for his work on the ghettoVCB script. There is nothing original here, I just put some snips together.