Like a lot of people, I’m wanting to replace Splunk. To that end I’ve been looking into Elasticsearch.

My prerequisites are:

• Replace Splunk Enterprise (or Splunk Free) with Elastic and its web UI Kibana;
• Replace Splunk Forwarder with Filebeat;
• Consume syslog over UDP using rsyslog;
• Use TLSv1.2 or better;
• Have an easy to deploy, low-resource client;
• Not use the resource-hungry Logstash.

So I’ve downloaded the RPM’s for the stack I want to use (some extra beats to play with too) and we’ll also install a JDK and a couple of rsyslog modules for later, this was all for CentOS 8.2, but I’ve tested Filebeat at least with SLES 12SP5:

I decided to go all SSD in my T5610 as I could use the speed and wanted to get rid of the extra SATA cables, power splitters, 5.25" caddy, hard disk and an old SSD running on SATA2 etc; it also will pave the way for adding an NVMe when the prices fall a bit, and passing through an SSD to KVM for nested ESXi, although I found it doesn’t speed up a SUSE install at all over qcow2. So I now have a 1Tb SSD for VM’s and a 2Tb SSD for boot and data, both Crucial MX500.

I’ve been having another go at learning to wire up ethernet cable, specifically CAT6 cable. I’d previously tried CAT5 years ago and gave up as I was useless at it. Well turns out one of my line testers was knackered, so maybe I wasn’t so bad at it after all?!

Also I found this video which shows how to unwind the conductors using the spare bit of sheath that you’ve just removed - it really does the job and saves your poor fingers:

Well I’ve converted my blog from wordpress to static, so no more mysql/php on this server, just markdown.

I must get around to adding some new content, not actually posted for over 2 years!

I’ve been doing lots of stuff with QEMU/KVM and even some ESXi (yuk!) and not using VirtualBox anymore. See my github for various libvirt scripts including VFIO with macOS/Win10, AutoYast with SUSE, kickstart for RedHat, preseed for Debian, virt-builder for Fedora, nested ESXi; and also how to configure your host.

I’ve been experimenting with using non-standard pins on an ATtiny85. Using XTAL1 and XTAL2 is simple if you run off the internal oscillator at 8MHz/3.3v but I want to also use the RESET pin as D5/A0.

When you re-purpose the RESET pin, you lose the ability to program using an ISP, so we have to use a high voltage serial programmer (HVSP) which basically applies 12v to the RESET pin to set the fuses.