sudo apt update && sudo apt upgrade
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/groovy | |
/* | |
* Copyright (c) 2016, Andrey Makeev <amaksoft@gmail.com> | |
* All rights reserved. | |
* | |
* Redistribution and use in source and binary forms, with or without | |
* modification, are permitted provided that the following conditions | |
* are met: | |
* 1. Redistributions of source code must retain the above copyright |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Syslog stuff | |
COMPONENT ([\w._\/%-]+) | |
COMPID postfix\/%{COMPONENT:component}(?:\[%{POSINT:pid}\])? | |
POSTFIX %{SYSLOGTIMESTAMP:timestamp} %{SYSLOGHOST:hostname} %{COMPID}: %{QUEUEID:queueid} | |
# Milter | |
HELO (?:\[%{IP:helo}\]|%{HOST:helo}|%{DATA:helo}) | |
MILTERCONNECT %{QUEUEID:qid}: milter-reject: CONNECT from %{RELAY:relay}: %{GREEDYDATA:milter_reason}; proto=%{WORD:proto} | |
MILTERUNKNOWN %{QUEUEID:qid}: milter-reject: UNKNOWN from %{RELAY:relay}: %{GREEDYDATA:milter_reason}; proto=%{WORD:proto} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Windows AMIs don't have WinRM enabled by default -- this script will enable WinRM | |
# AND install 7-zip, curl and .NET 4 if its missing. | |
# Then use the EC2 tools to create a new AMI from the result, and you have a system | |
# that will execute user-data as a PowerShell script after the instance fires up! | |
# This has been tested on Windows 2008 SP2 64bits AMIs provided by Amazon | |
# | |
# Inject this as user-data of a Windows 2008 AMI, like this (edit the adminPassword to your needs): | |
# | |
# <powershell> | |
# Set-ExecutionPolicy Unrestricted |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
grok { | |
tags => "postfix/smtpd" | |
pattern => [ "%{POSTFIXSMTPDCONNECTS}", | |
"%{POSTFIXSMTPDACTIONS}", | |
"%{POSTFIXSMTPDTIMEOUTS}", | |
"%{POSTFIXSMTPDLOGIN}", | |
"." ] | |
named_captures_only => true | |
} |