Is it Elastalert? No – it’s NiFi!!

One common requirement for users of Elasticsearch is to have automatic alerts sent out whenever some query gets matched, or when some other condition gets satisfied. In fact, Yelp have come up with a python-based solution for this in the form of Elastalert, which at time of writing, is extremely popular with over 5.5K stars … Continue reading Is it Elastalert? No – it’s NiFi!!

Advertisements

Consuming Netflow using NiFi

The problem Several network devices (especially Cisco) tend to use netflow for auditing network connections. It would be useful to log these connections in a structured data store (Elasticsearch is my data store of choice). Alternative Solutions Using the elasticsearch netflow module: https://www.elastic.co/guide/en/logstash/current/netflow-module.htmlThis works well right out of the box, and supports all netflow versions. … Continue reading Consuming Netflow using NiFi

Pentesting gRPC / Protobuf : Decoding First steps

Protocol Buffers (a.k.a ProtoBuf) and other binary serialization representations are gaining popularity, especially in inter-microservice communication. Unlike JSON or HTTP, ProtoBufs are not human readable (hence the "binary" part of binary serialization) , but that translates into an advantage of  less overhead, leading to performance gains, and the ability to code against a fixed schema … Continue reading Pentesting gRPC / Protobuf : Decoding First steps

Lessons learnt: Of Spring Boot + OAuth2 + redirect URIs

TL;DR: make sure NGINX is setup correctly (proxy_set_header) before messing around with your code. Scenario: Deploying a Spring Boot micro-service behind an NGINX reverse proxy gave us issues when using default Google OAuth2 configuration as described here , basically showing the "Redirect URI Mismatch" mentioned at the very end of the linked article Trying the solution based … Continue reading Lessons learnt: Of Spring Boot + OAuth2 + redirect URIs

Reactive Spring: Webflux Multipart File Upload

A clear, simple example of multipart file upload using Reactive Spring Spring Boot v2.0.3.RELEASE Coding using reactive functional style (as opposed to annotation-based) Spring Initializr Dependencies: "Reactive Web" Language: Kotlin Notes follow after the code: https://gist.github.com/dvas0004/fdb63086cd77869066e83a1ca25757d9 Notes: Spring Webflux makes it extremely easy to build reactive web services - but it takes a while to … Continue reading Reactive Spring: Webflux Multipart File Upload

Elasticsearch & Java: Tips for faster re-indexing

Notes based on some feedback: Elasticsearch seem to be pushing the REST client rather than using the native Java client... to future proof your code you may be better off going down this route. Why not just use the Re-Index API? Although it's still considered experimental, this may be a good option if you dont have … Continue reading Elasticsearch & Java: Tips for faster re-indexing

Proxy re-encryption

What is proxy re-encryption? Proxy re-encryption lets Alice send Bob a message (M) via a semi-trusted proxy, without revealing Alice's private key to either the proxy or Bob, and without revealing the secret message to the proxy. As Wikipedia puts it: "Proxy re-encryption schemes are cryptosystems which allow third parties (proxies) to alter a ciphertext … Continue reading Proxy re-encryption