journalctl Notes Show logs since a specific timejournalctl --since yesterday journalctl --since "1 hour ago" journalctl --since "2020-09-03 12:34"Show logs for a specific systemd unitjournalctl -u haproxy.serviceShow logs for several units togetherjournalctl
awk one-liners (This is a work in progress)Get the average of a columnls -l | grep -v total | awk -F' ' '{sum += $5 } END { print "AVG=", sum/NR }'Print a file with line numbersawk
Find the process listening on a port Using netstatPORT=80; sudo netstat -ltnp | grep ":${PORT}"Using lsofPORT=80; sudo lsof -i :${PORT}
Show number of connections per destination for a specific port PORT=5432; netstat -an |grep ":${PORT} " | awk '{count[$5]++} END {for (host in count) print host, count[host]}'To view the same over time:PORT=5432; watch "netstat -an |grep \":${PORT} \" | awk
Find deleted files that have file handles open If you have unexplained disk usage that isn't reflected in du output, you most likely have a process holding onto a filehandle for a file that has since been deleted. You can use
Clearing IPTables rules Occasionally I find it necessary to quickly clear out all the IPTables rules without accidentally losing access to the machine. I've found the below commands to be the quickest way to accomplish that
Side Tabs in Firefox 66 I've become so used to using side tabs (TreeStyleTabs) in Firefox, that it's somewhat painful to use any other browser in more than a passing manner. My work laptop was just replaced, and
SSH Private Keys - RSA vs. OpenSSH It would seem that ssh-keygen on OS X Mojave generates OpenSSH Private Keys instead of the traditional RSA Private Keys. While on the surface this is not a problem at all, it recently
postgresql Handy PostgreSQL queries Estimate number of rows in tableSELECT reltuples::BIGINT AS estimate from pg_class where relname='<TABLE_NAME>';Show running queriesSELECT pid , age(clock_timestamp(), query_start) , usename , query FROM
ssh SSH Command Line Options Strict Host Key CheckingSetting StrictHostKeyChecking to no instructs SSH to bypass verification of the remote host's key. Including this options will disable the mismatch prompt and automatically add the host key to ~/.ssh/
linux Lines per second from a log file in realtime tail -f /path/to/log/file | pv -l -i 10 -r > /dev/nullpv options user:-l count lines-i10 refresh every 10 seconds-r display rate counter
varnish Varnish One-Liners LoggingFilter by request host headervarnishlog -q 'ReqHeader ~ "Host: example.com"'Filter by request urlvarnishlog -q 'ReqURL ~ "^/some/path"' Filter by client IP (behind reverse proxy)varnishlog -q 'ReqHeader ~ "X-Real-IP: .*123.123.123.
linux Artificial Latency While trying to reproduce an issue, it's often useful to be able to artificially introduce latency without simply killing a service. The tc command, coupled with iptables allows you to achieve that goal.
linux OpenSSL Notes Creating/ModifyingGenerate a new private keyopenssl genrsa -out example.key 2048Remove a passphrase from a private keyopenssl rsa -in example.key -out new_example.keyGenerate a new private key and CSR (certificate signing
linux nstat dumping core nstat is a tool for collecting linux network statistics. I use it in my monitoring stack to collect information about UDP data loss. The command maintains state, and on rare occasions, that state
linux Monitoring UDP Traffic Install pktstatsudo apt-get install pktstatShow all UDP traffic to port 8125, ordered by quantity of datasudo pktstat -tn udp dst port 8125
aws Find IAM user by Access Key Assuming the AWS command is installed and configured correctlyAWS_ACCESS_KEY=AKIAXXXXXXXXEXAMPLE aws --output text iam list-users | awk '{print $NF}' | xargs -P10 -n1 aws --output text iam list-access-keys --user-name | grep ${AWS_
chef Calculating checksums for Chef's remote_file resource Remote file:curl -L -s http://path/to/remote/file | shasum -a 256 | cut -c-12Local file:shasum -a 256 /path/to/file | cut -c-12
linux Pipe output to a file without permissions Sometimes you want to redirect the output of a command into a file that you don't own.$ ls -al /tmp/root_owns_this -rw-r----- 1 root wheel 10 Aug 21 09:06 /tmp/
ci Jenkins Git Plugin, SCM Polling and Duplicate Builds I have a Jenkins instance running inside a firewall performing builds against a GitHub hosted repository. Because of the firewall and security concerns, GitHub webhooks are not an option for triggering builds, but
ssh tcgetattr: Inappropriate ioctl for device Recently a colleague of mine was working on a bash script to copy a script to a group of servers, run the script and display the output. The basic structure of the script