Douglas Muth

January 5th, 2019July 20th, 2019

Using Splunk on Hotel Internet

Splunk> Finding your faults, just like Mom.

In a previous post, I wrote about using Splunk to monitor network health. While useful for home and office use, there’s another valuable use for this app, and that’s when traveling.

In my case, over my Christmas vacation, I checked into a Mom and Pop hotel, or rather a motel! It was about 24 rooms all in a row, occupying a single floor. Since they were on a budget, their Internet offering consisted of what appeared to be 5 or 6 Linksys routers set up every few rooms. You’d simply connect to the closest access point and have Internet.

But there was a problem: determining which access point was closest to me! The signal strength indicator on my computer showed several of them were 3/3 bars so that wasn’t much help. I tried connecting to the first one, but had virtually no Internet connectivity.

That’s when I fired up Splunk:

SPLUNK_START_ARGS=--accept-license \
TARGETS=google.com,1.1.1.1,8.8.8.8,192.168.1.1 \
   bash <(curl -s https://raw.githubusercontent.com/dmuth/splunk-network-health-check/master/go.sh)

Running that command will print up a confirmation screen so that you can back out and change any options (such as hosts to ping), and when you’re ready, just hit <ENTER> to start the container.

In the above example, I added in the TARGETS environment variable, and was sure to include 192.168.1.1, which was the IP for each router (they were all the same). Then I set Splunk “real-time mode” and periodically checked that tab as I was working. This is what I saw:

Testing 3 separate hotel Access Points with Splunk

January 4th, 2019July 20th, 2019

Introducing: Splunk Lab!

Splunk> Australian for grep.

In a previous post, I wrote about using Splunk to monitor network health and connectivity. While building that project, I thought it would be nice if I could build a more generic application which could be used to perform ad hoc data analysis on pre-existing data without having to go through a complicated process each time I wanted to do some analytics.

So I built Splunk Lab! It is a Dockerized version of Splunk which, when started, will automatically ingest entire directories of logs. Furthermore, if started with the proper configuration, any dashboards or field extractions which are created will persist after the container is terminated, which means they can be used again in the future.

A typical use case for me has been to run this on my webserver to go through my logs on a particularly busy day and see what hosts or pages are generating the most traffic. I’ve also used this when a spambot starts hitting my website for invalid URLs.

So let’s just jump right in with an example:

SPLUNK_START_ARGS=--accept-license \
   bash <(curl -s https://raw.githubusercontent.com/dmuth/splunk-lab/master/go.sh)

This will print a confirmation screen where you can back out to modify options. By default, logs are read from logs/, config files and dashboards are stored in app/, and data that Splunk ingests is written to data/.

Once the container is running, you will be able to access it at https://localhost:8000/ with the username “admin” and the password that you specified at startup.

First things first, let’s verify our data was loaded and do some field extractions!

Main Index
Field Extractions

December 28th, 2018July 20th, 2019

Using Splunk to Monitor Network Health

Splunk> Winning the War on Error

I’ve been using Splunk professionally over the last several years, and I’ve become a big fan of using it for my data processing needs. Splunk is very very good about ingesting just about any kind of event data, optionally extracting fields at search time, and providing tools to graph that data, find trends, and see what is really happening on your platform. This is important when your platform consists of thousands of servers, as it does at my day job!

While Splunk can handle events in timestamp key=value key2=value2 format, it also has support for dozens of standardized formats such as syslog, Apache logs, etc. If your data is in a customized format, no problem! Splunk can extract that data at either index or search time! Finally, there’s the Search Processing Language, which is like SQL but for your event data. With SPL, you can run queries, generate graphs, and combine them all programatically.

So yeah, I’m a huge fan of Splunk. One thing I use it for out of the of office is to graph the health of my Internet connection. This is useful both for when I’m at home and when I am traveling–I just feed the output of ping into Splunk and then I can get graphs of packet loss and network latency.

Let’s just jump into an example screen–here’s what I saw when I was a friend’s place and I uploaded a video to YouTube:

December 21st, 2018March 16th, 2019

The Decepticons Get Drunk on Energon

This one isn’t so much a kick in my childhood as much as it is me wondering what the writers were thinking:

The dialogue in this scene is just… so hilariously out of character for the Decepticons it’s surreal. By this point, the series made it clear that the Decepticons were evil villains, yet in this scene they’re portrayed as a bunch of silly drunks. Why? Just, why?

December 20th, 2018May 8th, 2022

www.cheopard.com

What is a cheopard?

A typical cheetah, laying on its back. — A typical cheetah.

It’s a cross or hybrid of a leopard and a cheetah. It combines the good qualities of both species.

Generally speaking, a cheopard must be at least 28% cheetah.

So what are the good qualities of leopards?

Leopards are smart. They drag their prey up into trees and feast on it over several days. Efficient!

They are also strong–they can carry more than their body weight. That’s badass.

Leopards have also been known to steal kills from other predators. Even cheetahs are not safe from Leopard Larceny!

Leopards are the hot shit of big cats.

So what are the good qualities of cheetahs?

Pretty much this:

And that’s it. End of list!

Why did you register cheopard.com?

Because it was a nice short domain name that was available.

How did I get to this page?

You probably met me at a furry convention and I gave you this link.

If you have any questions, or are an actual cheetah, don’t hesitate to reach out or leave a comment below.

December 19th, 2018March 16th, 2019

Fixing The Cover Image Height In WordPress’s Twenty Seventeen Theme

Overall, I am pretty happy with the Twenty Seventeen theme that ships with WordPress, but one thing that really drives me crazy is that whatever cover image you upload takes up nearly 100% of the entire web browser when viewing on a desktop or laptop. I find it darn near infuriating, because I have to scroll down just to click on a menu link or see content. That ain’t right.

I mean, just look at this:

We can do better.

December 18th, 2018March 16th, 2019

Fixing the Homepage Post Width in WordPress’s Twenty Seventeen Theme

I’m still relatively new to WordPress, but one of the things that really got me worked up was the width issue on the front page of my website. I mean, just look at this:

So I did some Google searches and actually didn’t have much luck. There were no settings in WordPress that I could change, and the CSS settings that I found just didn’t work.

December 14th, 2018January 25th, 2020

Saying Goodbye to Drupal and Hello to WorldPress!

Way back in 2005, I converted my website (and its predecessor) over to Drupal. Drupal has served me well for the last 13 years, but due to the direction in which Drupal as a product has moved, I do not feel it is the right choice for me anymore.

So I instead checked out WordPress, and was rather happy with it. It does one thing (blogging) really really well, instead of trying to be the “kitchen sink” like Drupal. As of this writing, I’ve ported over just about all of the content I wanted to port over, and have since switched www.dmuth.org to point to this WordPress Install.

Along the way, I learned some thing about how to set up and configure WordPress, let me share them with you:

Looking forward to running this platform for the next 13 years. 🙂

— Doug

December 13th, 2018March 16th, 2019

WordPress 5 in Docker with Nginx and LetsEncrypt

TL;DR If you are comfortable with Docker and Docker Compose, you can go straight to the GitHub repo and get started. For the everyone else, read on…

When I stood up this website, I wanted to do so in Docker, but I ran into an issue: the official WordPress Docker image runs Apache. Apache is a nice webserver for small amounts of traffic, but it does not scale well. As more concurrent connections come into a server running Apache, more copies of the httpd process are forked, which causes RAM usage to go up. Having RAM usage regularly go up and down is not ideal.

Fortunately, there is a better way. The Nginx webserver, combined with PHP running in FPM mode scales much better as the memory usage is more constant, which means that peak loads on the server won’t cause you to thrash the swapfile. Encryption would also be nice, so I wanted to have some SSL going as well.

I couldn’t find any existing solutions, so I built one! In this post, I’m going to walk through each piece of the puzzle.

January 15th, 2018May 18th, 2019

Anthrocon Role Change

Just to put this out here as well, after serving on Anthrocon’s Board of Directors for 14 years, I am stepping into an Emeritus Director position.

I foresee no short-term changes in my responsibilities, and you can read more about the change and why I made it over on Facebook.