Automate EC2 Instance Security Group Rules Update

Ever run into a situation where you need to whitelist a long list of IPs for an EC2 instance? It can be painful to add them manually one by one. On top of that, what if these IPs change on a regular basis? You are in luck! I will show you how to update Security Group rules automatically using Python🐍. Here’s my use case. I have an EC2 instance that takes syslog feeds from VMware’s Workspace ONE.

Setup Splunk Universal Forwarder with TLS

One of the best practices when setting up a Splunk Universal Forwarder (UF) is to encrypt incoming log traffic with TLS. This is especially important if your intake is from an external source on the Internet, e.g. from a SaaS solution. In this blog I will demonstrate the steps to set this up. First, we will create a public DNS A record for the UF. This is because our UF will be receiving logs from the Internet.

Use PowerShell to delete SPAM Blogger comments

I haven’t been very diligent in maintaining this blog. There have been quite a few SPAM comments accumulated on my posts. I am going to turn on moderation to block those. But I need a way to clean up all those existing SPAM comments. So over the weekend, I wrote this PowerShell script to do just that. In the end, it will probably take less time if I just do all the cleanup manually.

Use Ansible to update Splunk Universal Forwarder Configuration

Today we will look at how to use Ansible to update Splunk UF (Universal Forwarder) configuration. The benefits of using Ansible to achieve this are:
- Save the hassle of manually modifying the conf files of syslog-ng and Splunk UF.
- Codify Splunk UF configuration, so it can be version controlled via GitHub.
- Automate updates of multiple UFs without the need to ssh to each single server.
- The playbook can also be used to configure a newly provisioned Splunk UF.

OWA and ECP failure after Install Exchange 2016 CU17

I recently ran into an issue after updating Exchange 2016 from CU15 to CU17. The upgrade installation took around an hour, but was eventually completed successfully, according to the Installation Wizard at least. When I tried to access ECP, I got the error below even before the login page showed up. In the meantime, Exchange Management Shell is inaccessible due to the error. In the event log, there are lots of 1003 errors related to MSExchange Front End HTTP Proxy.