Showing posts with label Howtos. Show all posts

Jul 23, 2016

Elastic Stack: Process IIS Logs

Overview

In this tutorial, I will show you how we can read IIS logs, process them, and send them to Elasticsearch for further analysis. Many graphs built from IIS logs give us useful information about our site traffic and performance:
  • IIS Average time-taken: shows overall site performance/response time
  • IIS Requests over Time: shows site load
  • IIS Average time-taken per site: shows site performance/response time per cs-host
  • IIS Average time-taken per server: shows site performance/response time per s-computer
  • IIS Response Codes: 200, 301, 403, etc.
More details about IIS Log fields: https://technet.microsoft.com/en-us/library/cc754702(v=ws.10).aspx

We can also parse GeoIP info from client IP and users' devices, OS, and browsers from cs(UserAgent) field.

Some abbreviations:
  • Logstash: LS
  • Elasticsearch: ES
  • Kibana: KB
If you are new to Elastic Stack, you should start with this.

Diagram

Let's start by looking at the following diagram:
IIS Log Processing Diagram
There are many tools to read and forward logs in real time, but I prefer nxlog because it is feature-rich, lightweight, fast, and simple. We can use Filebeat to read and ship logs to LS and let LS handle the processing; however, when we are looking at tens of thousands of web requests, or log lines, per second, I think that shifting the processing to the source of the logs allows us to process faster at a lower resource cost. Typically, I would let LS do as little processing as possible.

Feb 3, 2014

Change Network location from Public to Private in Windows 8.1

If we are using Windows 8 or 8.1 at home or at work, and others cannot access shared folders on our PCs, then maybe our network profile is set to Public by default. If we are lucky, following this post can help us change the profile to Private to enable file sharing: http://community.spiceworks.com/how_to/show/18934-change-network-location-from-public-to-private-in-windows-8

However, on my Windows 8 or 8.1 PCs, I cannot right click on the Network icon to change the profile as instructed, so there is another way.

Feb 2, 2014

mpt-statusd: detected non-optimal RAID status

If we install Debian Wheezy 7.3 on VMware, we may get a lot of errors in /var/log/messages like:
mpt-statusd: detected non-optimal RAID status
Because there is no RAID device within a VM, unless you set up RAID, we can disable mpt-statusd:
service mpt-statusd stop
update-rc.d mpt-statusd remove

Jan 31, 2014

How to install GlusterFS 3.4.x server and client on Debian Wheezy 7.3

1. Install glusterFS 3.4.x

Add the GPG key to apt
wget -O - http://download.gluster.org/pub/gluster/glusterfs/3.4/3.4.2/Debian/pubkey.gpg | apt-key add -
Add the source and update package list
echo deb http://download.gluster.org/pub/gluster/glusterfs/3.4/3.4.2/Debian/apt wheezy main > /etc/apt/sources.list.d/gluster.list

apt-get update
Install gluster server and client
apt-get install glusterfs-server glusterfs-client
Ref: http://download.gluster.org/pub/gluster/glusterfs/3.4/3.4.2/Debian/README
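
Because the signing key is downloaded over plain HTTP and piped straight into apt-key, it is worth saving it to a file and comparing its fingerprint with one obtained from a trusted source before adding it. The script below is an added example, not part of the original post: the function names are hypothetical, EXPECTED_FPR is a placeholder, and the sample listing is constructed.

```shell
#!/bin/sh
# Added example: accept a repository signing key only if its fingerprint is pinned.
# EXPECTED_FPR is a placeholder; take the real value from a trusted, separate channel.
EXPECTED_FPR="REPLACE_WITH_FINGERPRINT_FROM_TRUSTED_SOURCE"

# Print primary-key fingerprints from `gpg --with-colons` output on stdin.
# An "fpr" record (fingerprint in field 10) follows the "pub" or "sub" it belongs to.
colon_primary_fprs() {
    awk -F: '
        $1 == "pub" { want = 1; next }
        $1 == "sub" { want = 0; next }
        $1 == "fpr" && want { print $10; want = 0 }
    '
}

# Succeed only if the listing on stdin contains exactly one primary key whose
# fingerprint equals $1 (spaces and letter case in $1 are ignored).
fpr_matches() {
    expected=$(printf '%s' "$1" | tr -d ' ' | tr 'a-f' 'A-F')
    found=$(colon_primary_fprs)
    [ -n "$found" ] && [ "$found" = "$expected" ]
}

# Constructed sample listing (fake key material) for trying the functions offline.
sample_listing() {
    cat <<'EOF'
pub:-:4096:1:89ABCDEF01234567:1388534400:::-:::scESC:
fpr:::::::::0123456789ABCDEF0123456789ABCDEF01234567:
uid:-::::1388534400::::Example Repo Signing Key (constructed):
sub:-:4096:1:76543210FEDCBA98:1388534400::::::e:
fpr:::::::::FEDCBA9876543210FEDCBA9876543210FEDCBA98:
EOF
}

# Usage: add_pinned_key pubkey.gpg  (file saved beforehand with wget -O pubkey.gpg ...)
# Listing a key file this way is the GnuPG 1.x form; newer releases also offer --show-keys.
add_pinned_key() {
    if gpg --with-colons --with-fingerprint "$1" 2>/dev/null | fpr_matches "$EXPECTED_FPR"; then
        apt-key add "$1"
    else
        echo "fingerprint mismatch: $1 not added" >&2
        return 1
    fi
}

if [ "$#" -gt 0 ]; then add_pinned_key "$1"; fi
```

A key file that bundles more than one primary key is rejected as well, since the comparison requires exactly one fingerprint.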

2. Dealing with mounting issue at boot time

With GlusterFS 3.4.2, we may run into trouble trying to mount the gluster volume via /etc/fstab
<server-ip>:/gluster_volume /var/mount glusterfs defaults,_netdev 0 0
This may not mount the volume as we would expect from previous versions of GlusterFS. Therefore, we have to use a script to mount our GlusterFS volume at boot time.

Jan 26, 2014

Install VMware Tools on Debian Wheezy 7.3

To install VMware Tools on Debian Wheezy 7.3, we have to install the gcc, make, and Linux headers packages first (they can be installed from the DVD source)
apt-get install gcc make linux-header* linux-kbuild*
Mount the VMware Tools iso
mount /dev/cdrom /mnt
Extract the tool
cd /mnt
tar xvf VMware* -C /tmp
Install VMware Tools
cd /tmp/vmware-tools-distrib
./vmware-install.pl
Note: If we clone a VM on vSphere and see the VMware Tools status as Current (not running), then we need to rerun the VMware Tools config after cloning
/usr/bin/vmware-config-tools.pl
After that, check if we can see the IP of the VM.

Jan 3, 2014

VMware Tools are not running after cloning a CentOS VM

After cloning a CentOS virtual machine, the VM status may say that the VMware Tools are not installed and running. If we have installed the VMware Tools in the source VM, then the VMware Tools are still there; we just need to rerun the VMware Tools configuration script
/usr/bin/vmware-config-tools.pl

How to install GlusterFS on CentOS 6.5

1. Install from gluster repo
Install gluster repo
cd /etc/yum.repos.d/
wget http://download.gluster.org/pub/gluster/glusterfs/3.4/3.4.0/EPEL.repo/glusterfs-epel.repo
Install gluster server and client
yum install glusterfs-server
If we want to install only glusterfs client, then run
yum install glusterfs-client
Start GlusterFS
chkconfig --level 235 glusterd on
service glusterd start

2. Install from rpm packages
Download the packages for CentOS
mkdir /tmp/glusterfs
cd /tmp/glusterfs
wget -l 1 -nd -nc -r -A.rpm http://download.gluster.org/pub/gluster/glusterfs/LATEST/RHEL/epel-6.5/x86_64/
Install the GlusterFS packages
yum install glusterfs-3.4.2-1.el6.x86_64.rpm glusterfs-fuse-3.4.2-1.el6.x86_64.rpm glusterfs-geo-replication-3.4.2-1.el6.x86_64.rpm glusterfs-server-3.4.2-1.el6.x86_64.rpm glusterfs-cli-3.4.2-1.el6.x86_64.rpm glusterfs-libs-3.4.2-1.el6.x86_64.rpm
Start GlusterFS
chkconfig --level 235 glusterd on
service glusterd start
You may need to change the package names if versions are different.
Ref: http://www.howtoforge.com/high-availability-storage-with-glusterfs-3.2.x-on-centos-6.3-automatic-file-replication-mirror-across-two-storage-servers

Dec 25, 2013

How to use nslookup tool on Windows to query a DNS server

It seems weird to talk about how to use the nslookup tool on Windows. Almost every sysadmin has used nslookup. I just want to mention some options in nslookup, since all I have done so far is to type nslookup in a command prompt, then type a hostname or an IP. I used to change my DNS IP in the network connection in case I needed to query another DNS server, and as I was looking for a tool to do that without changing the IP in the network connection, I got my answer with nslookup /?

To query from a DNS server, we can either
nslookup <hostname> <DNS server IP>
Ex: nslookup google.com 8.8.8.8

or for interactive mode
nslookup - <DNS server IP>
Ex: nslookup - 8.8.8.8

Dec 17, 2013

Change Windows Server 2012 network profile to Private

By default, Windows Server (R2) 2012 sets its network profile to Public. Unlike Windows Server 2008, in which we can change the profile via the GUI, in Server 2012 we can change it via Windows PowerShell (it seems that MS is forcing us to go back to a command-line OS).

1. Open Windows PowerShell
2. Run Set-NetConnectionProfile -NetworkCategory Private
3. Check if the profile has changed by running Get-NetConnectionProfile

Nov 21, 2013

Amazon Send to Kindle Network error occurred issue

Issue
Some may get the error "Network error occurred" when using Send to Kindle for Windows.

Solution
Download and install this version.
http://s3.amazonaws.com/sendtokindle/SendToKindleForPC-installer-v1.0.1.237.exe